General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

BGP Routes redistribute into OSPF_Match Tag value

Nexus switch is learning AWS routes ovr (Ebgp)BGP and has a tag with AS Value.

This nexus switch advertises routes learned from AWS to Paloalto firewall(Ibgp)

We would like to create redistribute profile which can redistribute only routes which have ta

...

DNARNI by L1 Bithead
  • 1744 Views
  • 0 replies
  • 0 Likes

Panorama CLI commit process

Hi ,

 

Could you please confirm the cmd equivalent to "commit and push "  in panorama .

 

I am trying to commit the changes using Panorama cli . I tried using commit partial device group <name>  but changes are only showing in Panorama not on the firewal

...

deepak12 by L3 Networker
  • 10270 Views
  • 5 replies
  • 0 Likes

my OneDrive for Business get block

HI


I try setup a policy to allow traffic for OneDrive for Business. but the traffic all just incomplete. My PAN os is 7.0.1, I allowed all onedrive, sharepoint, sharepoing online, office365, ssl and web browsing, but still cannot communicate with oned

...

Bin by L1 Bithead
  • 3722 Views
  • 3 replies
  • 0 Likes

Disable NAT from Untrusted to Trusted device

Hello!

 

I am trying to port forward port 25 traffic without a NAT to an email security appliance behind the firewall. The problem is when SMTP traffic is forwarded through the Palo Alto the client-IP address of all e-mail going to the email security a

...

daemon and processes.

Hi team,

 

I would like to know why Daemons and processes ids are getting suspended or not working.

I can see that which daemon stopped working by this cmd, 

> show system software status

and for example: routed is stopped and i have restarted the routed

...

packet loss

Hi,

when I am downloading file from internet , I can see lot of packet loss and congestion in wireshark capture analysis .

I want to make sure PA is the culprit 

How can I verify this  . 

I  have disabld QOS on PA

Thanks

 

 

 

simsim by L4 Transporter
  • 1974 Views
  • 2 replies
  • 0 Likes

Resolved! Default EDLs and manual exceptions

I'm working through a best practices assessment and one of the recommendations is to create security policies to deny traffic inbound or outbound to the two default external dynamic lists: 'Palo Alto Networks - Known malicious IP addresses' and  'Pal

...

Adding additional content to Minemeld taxii feed

Hello,

 

I am very new to Minemeld and I have to admit the concept is something I am still struggling to understand.

My question for this post is surrounding the taxii feed. I am providing a CrowdStrike IPv4 stix taxii feed for our Netwitness platform.

T

...

Screenshot_2020-09-01 MineMeld.png

Convert from Cisco to Palo

I downloaded the expedition to ubuntu. I am have everything running. When asked to Upload a Panos or Panorama configuration XML file. Export it from your device. What template can I use for this. I have a cisco ASA .txt file I would like to convert.

 

...

jimf69 by L1 Bithead
  • 2622 Views
  • 3 replies
  • 0 Likes

Questions about FIPS-CC Mode

Greetings all,

 

We've got a department on our network using a piece of higher-security software.  The software audit came back and indicated FIPS 140-2 encryption is required when the traffic is going across any network other than ours.

 

I've started l

...

jsalmans by L4 Transporter
  • 4450 Views
  • 5 replies
  • 0 Likes

File Type "Unknown Binaries"

We just need to know the wildfire file type which is allowed to dynamic analysis.

As I know the following URL described allowed file type for sandboxing but what happened with unknown Binaries ( unknown Extention ) when it classified as an unknown fil

...

  • 24297 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels