General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

SMB Resource unavailable

Hello,Today we had an issue with our PA-820. The access to our fileserver via SMB was reported as Resource not available in the firewall monitor and nearly all users had difficulties while accessing the file-server.We solved that issue by switching to our passive firewall. Then everything was immediately working correctly.We are using PAN-OS 9.1...

MikeHinz by L1 Bithead
  • 3492 Views
  • 3 replies
  • 0 Likes

Query regarding upgrade consideration in Panos 10.0 for "Address Groups and Service Groups"

On upgrade to PAN-OS 10.0, the Panorama management server checks for duplicate addresses in address groups (Objects > Address Groups) and services in service groups (Objects > Service Groups), and fails to commit any configuration changes if duplicate address objects and services exist.Workaround: Before you upgrade to PAN-OS 10.0, modify ...

Deepak_K by L3 Networker
  • 3207 Views
  • 2 replies
  • 0 Likes

Minemeld crashes every few days

Hi there, I'm pretty sure we've installed everything correctly and things are largely working well but every few days the system stops functioning and we need to uninstall Libtaxii and PYTZ. Then we reinstall the correct versions 1.1.111 and 2017.2 Then update the METADAT file. Any idea on what might be occurring or how to stop?

Palo Alto Stopped taking New Policy Traffic.

We recently upgraded the Palo Alto version to 9.1.7 on our physical hardware 3200 series. After 02 days we notice that before upgrade all policy rules and NAT works fine. However, The NAT and policy which we created after the upgrade not working. Not traffic or hit shows in monitoring. We rebooted the PA once still is not fixed. Is it a bug in ...

redist route from bgp to OSPF is sending more than the default route

When we turned up BGP in the Palo with ExpressRoute, we started to receive 4 subnets from Microsoft. The customer found that these subnets are being leaked into the Extreme Fabric through the OSPF adjacency to the Palo’s, where only Default route should be sent from the Palo to the Extreme. Not sure why this is happening, since it looks like th...

dbrenipc by L3 Networker
  • 5195 Views
  • 4 replies
  • 0 Likes

Resolved! Is the feature available for email reporting on getting the Threat log for every 15minutes on firewall

Hi Team, Greetings!!I have a query, whether there is a feature for generating an automatic Threat log report for every 15minutes.While checking with the firewall end i could find only for a day that is last working day alone and so on and so forth.Is there any other possible way to achieve this using any other methods? If so could some one share...

Issue with GlobalProtect after Upgrade

Hello, We're currently experiencing some issue with several clients that are trying to upgrade their client.They're moving from 2.3 to 5.1. Sometimes, the client cannot connect at all (clicking on connect button from gp client but nothing is happening)I went through multiple documentations and KB and what I found is that the service PanGPS is no...

Resolved! HA2 Options

What is the advantage of using the HSCI port for HA2 as opposed to using one or two data ports?Would a QSFP-40G-CR4 be compatible with the HSCI port? Or a SFP-H10GB-AOC5M? SFP-1000BAS?

Question about multiple filters in a User-ID Syslog Parser

Greetings all, I noticed that the syslog parser for User-ID allows you to enter multiple filters for each server... does anyone know how adding multiple filters of the same type (login for example) will work? I see there is a way to move the filters up and down in the list so I'd assume there is an order of operation but if it is able to match ...

jsalmans by L4 Transporter
  • 2259 Views
  • 1 replies
  • 0 Likes

Wrong HIP match

Dear All,issue: I have the firewall 5220 with PAN-OS 10.0.3 and I am facing an below issue:-As GlobalProtect 5.2.6 is released with support for OPSWAT v4 only while OPSWAT v3 is discontinued starting from 5.2.6, I tried to test it on a few machines. We apply HIP checking for the below:- FireEye Endpoint Agent – Installed & Real Time P...

Jafar_Hussain_0-1620221429240.png
Jafar_Hussain_1-1620221429270.png
Jafar_Hussain_2-1620221429286.png
Jafar_Hussain_3-1620221429307.png

Resolved! Captive Portal Redirect Issue

Hello! Quick question:I have captive portal set up for one zone and it works well, where my captive portal "redirect host" ip is in the same zone/subnet as my users who need to authenticate. But I'm needing to expand this so that users from several zones/subnets can authenticate via captive portal. The problem I'm having is that for users in ...

Prevent OSPF routing loops - Area 0

Hello, We have a PA5050 with a couple of VRs. VR1 is the main VR with interfaces into the main customer networks, internet access and a 3rd party linkVR2 is for GlobalProtect clients and a separate internet link for the GlobalProtect Portals/Gateways There is an eBGP Peer between the VRs so that VR2 can learn all the corporate networks and the ...

gcampbe9 by L0 Member
  • 2880 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels