General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Disable TCP 1323 Timestamp response through Palo Alto Firewall?

Hi,I'm wondering whether is there a way to set the PAN Firewall to detect and drop TCP 1323 Timestamp queries to servers?According to some web vulnerabilities scanning reports, it is reccomended to disable the TCP Timestamp as it discloses server uptime information, allowing attackers to guess the OS patch status.In the recent Windows server OS ...

TCP timestamp response During the vulnerability assessment

In my case, the team is performing a vulnerability assessment on PA820Vulnerability Title: TCP timestamp response.Description: The remote host responded with a TCP timestamp. The TCP timestamp response can be used to approximate the remote host's uptime, potentially aiding in further attacks. Additionally, some operating systems can be fingerpri...

Resolved! Migrating config from PA -500 to pa 220

IHi,Planning for upgrading PA-500 to PA-220, Just wanted to be sure that if we download the current running config from PA-500 and import it to new PA-220 device, will that work? I am not sure if Importing configurations between non-matching hardware versions works in this case,according to thishttps://knowledgebase.paloaltonetworks.com/KCSArtic...

Prelogon - PanCredGet

PAN-OS - 9.0.3Global Protect 5.0.3 We are having problems with GPPrelogon. Logs: (T7612) 07/22/19 15:20:16:670 Debug(5727): REGION-PRIO, region code is GB(T7612) 07/22/19 15:20:16:670 Debug(10868): REGION-PRIO, save region code GB(T7612) 07/22/19 15:20:16:670 Debug(5783): Portal authentication-message is Enter RAFA login credentials(T7612) 07/2...

BizBo by L2 Linker
  • 9193 Views
  • 3 replies
  • 0 Likes

Best siem

Hello all its been a long time, since they took away my sentinel role I haven't been on here much. Does anyone have a recommendation for a siem?

jdprovine by L4 Transporter
  • 6686 Views
  • 5 replies
  • 0 Likes

Resolved! CEF PANOS 10

Morning! I can see that PANOS 9.1 has a CEF will this work on PANOS 10 as I have not been able to find the CEF for PANOS 10 Thanks BizBo

BizBo by L2 Linker
  • 2910 Views
  • 1 replies
  • 0 Likes

Resolved! blocking machines from AD-group

Is it possible to block outgoing traffic, from an active-directory group containing machines?blocking traffic by username works fine, but i want to use the machine ad group rather than entering all machines by fqdn or ip in an address group of objects on my pa.i'm using a pa-3020 on pan-os 5.0.1thanks

skemena by L1 Bithead
  • 5594 Views
  • 5 replies
  • 0 Likes

Resolved! Creating static routes in CLI versus GUI

I have noticed that if a create a static route via the cli the xml configuration is less than if you create the static route via the GUI. In the cli I can simply set the destination and next hop. In the GUI there are many other options (most I never use) such as path monitor, BFD, metric and so on. I essentially take the defaults. In the GUI bot...

Resolved! Azure HA same resource group ?

This doc says both VM's have to be in same resource group, but portal doesn't allow me to deploy another VM in same resource group, where i have already deployed a VM. https://docs.paloaltonetworks.com/vm-series/9-1/vm-series-deployment/set-up-the-vm-series-firewall-on-azure/configure-activepassive-ha-for-vm-series-firewall-on-azure.html

raji_toor by L4 Transporter
  • 3724 Views
  • 1 replies
  • 0 Likes

Blocking certain Facebook features while allow others with PAN version 8.1.17

I am trying to block certain Facebook features while allowing others. For example: Facebook – block - chat, file-share, post, video, voice However, after implementing it on the PAN, I can still do this with Facebook: I could post, like and upload pictures. Chat doesn’t work at all, though I can see the page. Is this normal? Is the application...

dtran by L4 Transporter
  • 10375 Views
  • 11 replies
  • 0 Likes

Resolved! GlobalProtect iPad VPN App

We have many users getting a pop up readingThe Network connection is unreliable and GlobalProtect reconnected using an alternate method. You may experience slowness when accessing the internet or business applications. Anyone seen this and what maybe causing it? We have never had any issues with GP VPN on any devices for years now/ or since usin...

Renew firewall CA certificate and distribute with GPO

We have created on the firewall a Root CA which also signs the SSL Forward Trust certificate.The firewall Root CA certificate has been deployed with GPO to all our devices there Trusted Root Certificate Authorities.The root ca certificate on the firewall will almost expire and needs to be renewed, but what is the procedure?Select the certificate...

ZEBIT by L3 Networker
  • 3039 Views
  • 2 replies
  • 0 Likes

TAXII feed for SIEM

Hi, I have tried minemeld with few miners and output to the inbounfeedhc i.e. PAN EBL/DBL. It is worked as expected. I would like to push the data to SIEM so that i can perform log analysis based on the indicators. How can i use taxii? I have configured ET.compromisedIP and Dshield miners to send data to new aggregator with output to stllib.fe...

Sly_Cooper by L4 Transporter
  • 47417 Views
  • 53 replies
  • 1 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels