General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Panorama attempting to connect to dummy-iot.services-edge.paloaltonetworks.com

Following an upgrade to PAN-OS 10.0.3, Panorama began sending out alerts every 5 minutes: opaque: gRPC connection to dummy-iot.services-edge.paloaltonetworks.com:443 is broken We do not have the IoT Subscription, nor can I find anywhere that this is configured. The error itself is due to the URL not resolving, as it appears to be a placeholder....

Resolved! Minemeld-web FATAL (Ubuntu 18.04)

Hi Ive been having a sweaty couple of days trying to get this to work and I must say ubuntu is not my forte.Anyway this all started from Ubuntu update. We had 14.04 which had sudo vulnerability and I was tasked to update this OS.Only thing running on it was this Minemeld and ofcourse after update it broke. I think Ive finally got partly working...

LassiK by L1 Bithead
  • 4537 Views
  • 2 replies
  • 0 Likes

Management Plane high utlization

Hi guys, Im having a query regarding Packet buffer protection where after enabling it i can find that management plane cpu utilization reached from 7 to 80% im not sure what could cause it. So can some one refer me when does management plane reaches the high utilization and does enabling packet buffer protection cause this issue? Thanks

Multicast Access to External Stream

Looking for some info on getting multicast working through the Palo Alto. Current working with version 8.11 and previously accessed this iptv stream located externally via a tunnel. Now that hardware has changed, we need to find a way to access this external UDP video stream via the firewall. Went by the latest multicast article on the PA ntwks ...

Resolved! Our custom-app has impacted all SSL traffic

Hi Team, We have a client who do not have SSL decryption and has many third-party applications working over SSL on different ports other than 443. The client has a security requirement that all applications need to be categorized by Palo alto firewall, so they do not wish to use any service ports in the Service column field. Also, they do not w...

bambox by L1 Bithead
  • 4062 Views
  • 2 replies
  • 0 Likes

userID agent not connecting

5220(9.0.11) firewall connectes normally to local DC running userid agent, but I see this for a remote DC which also has the agent installed. The same remote DC is connected successfully to 850(9.0.11) firewall on remote site. Not sure what the issue is here. 03-10 07:24:16.210 -0800 Error: pan_ssl_conn_open(pan_ssl_utils.c:843): Error: Failed...

raji_toor by L4 Transporter
  • 3177 Views
  • 1 replies
  • 0 Likes

Config Audit

Hi Everyone - I wanted to pose this question to the folks out there that may be feeling the same as I do about the way the config audit feature works. It is supposed to be a simple way to do a diff on config changes/deletes. I have found that palo seems to insert simicolons and braces throwing off the reporting and making it less than optimal fo...

combine more than two port for internet connections

Hi I wish to understand how combining more than two ports for internet connections works. I have configure four ports for internet connections with deferent speed. when I perform a seed test. I think, some result base one companying all port seed - fast speed result- but some times base on one port speed - slow speed result . so I am not sure ...

ehsunn by L0 Member
  • 4301 Views
  • 3 replies
  • 0 Likes

MineMeld - Memory Leak or Redis needing configured?

Build: Followed the Azure 16.04 LTM instructions Problem: Every 3-4 days after increasing to 4 CPU's and 16 GB Memory the memory seems to creep up to the point of borking the instance. WorkAround: Every 3 days restart the engine. Context: Currently have 1 source producing over 800K over time steady after aging out happens. 8 Miners 3 Procs...

Romans6 by L1 Bithead
  • 4064 Views
  • 2 replies
  • 0 Likes

Resolved! Adding a 2nd ISP

I have been reading up and still trying to wrap my head around the exact setup I need. Current ISP1 - use for all LAN traffic out including IP phones. Use global protect also. Have external DNS setup so remote.mydomain.com goes to this ip address. Still want this ISP used for all traffic unless it goes down ISP 2 - I have one backup server that ...

Resolved! Active Active HA3 Through EVPN/VXLAN

Have an Active/Active deployment, single firewall at each DC with EVPN/VXLAN through Juniper cores. Can we have the HA-3 link go through the core switches? We are using daa plane interfaces for HA-2, HA-2B, and HA-3. We have the vlans stretched across to the other data center for the HA-2 and HA-3 links and jumbo frames enabled. I need to verif...

Resolved! L3 ARP entries

Hello Mr. We need to make some mac address in Palo Alto L3 interface.the question is that , How many manual arp entries can be added per single interface?and because no document discussing it, I wanted to make sure if this works as an ARP inpection, so IP and MAC address must mach, or the packet will be dropped.Kindly answer and confi...

  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels