General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 236 Views
  • 0 replies
  • 0 Likes

HL7 Traffic / Unknown-TCP traffic gets denied.

We are standing up some new PA firewalls and have been testing with some HL7 servers.  Testing has been going well until recently where "unknown-tcp" traffic gets denied.  It seems that it only happens when the transfer of a specific file/message is

...

rkoenig by L3 Networker
  • 11235 Views
  • 11 replies
  • 0 Likes

Resolved! Public to Public RFC 1918 blocks

Hi,

 

I am looking to block the RFC 1918 blocks coming from internet to our LAN zone. So, Policy will be Source zone: Public , IP: RFC1918 blocks, Destination zone: LAN, IP : any .

Can you guys please confirm that creating this policy will fulfill my re

...

shafi021 by L2 Linker
  • 5597 Views
  • 2 replies
  • 0 Likes

Primary and Secondary SSL VPN global protect

One question that comes in my mind, can we use fallback URL or IP in Global Protect client? Like in Cisco AnyConnect, if the primary VPN Server or internet source is down then client connect with the secondary internet source automatically.

aneeqzia by L0 Member
  • 2970 Views
  • 3 replies
  • 0 Likes

Resolved! x-forwarded-for header in traffic log on AWS VM

Hello,

 

My FW is behind ALB, so I want to see original Src IP.

 

I enabled "use x-forwarded-for header in user-id" setting and user-id on the zone.

But there is no info on source user column in traffic log.

 

I can see the information in url filtering logs

...

yhlee1 by L2 Linker
  • 5228 Views
  • 5 replies
  • 0 Likes

Resolved! Empty EDL PA220 PANOS 10.0

Hello

Im doing some tests on PA-220 test unit.

Some story - im using windows 10 with installed debian on WSL.

I've installed apache2 and doing some IP pulls from internet and then hosting it on:
192.168.7.131/steamip2.html
I can access this from my intern

...

wjt82918 by L1 Bithead
  • 11117 Views
  • 7 replies
  • 0 Likes

Resolved! New Install Checklist

Hello -

Has anyone seen or created, that they'd like to share, just a general checklist of information to collect and steps to do a new install?

Resolved! Problem URL-Filter onedrive urls

Hello everybody,

 

I use url-list from urlhaus. If I test some entries, I got a problem with onedrive-urls like this:

 

onedrive.live.com/download?cid=a75074ec168603e4&resid=a75074ec168603e4%21108&authkey=apnjueurszwr7fi

This url should be blocked by urlf

...

IKEv2 keepalive tuning

IKEv2 on PA has built in keepalive mechanism, but it can only act if the communication is lost for more than 5 minutes: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClgcCAC

After testing it out, about 7-8 minutes passed un

...

nikoo by L3 Networker
  • 4992 Views
  • 1 replies
  • 0 Likes

Resolved! What happens to active sessions in Dual ISP Scenario

We have 2 ISP's, primary is down right now. Both ISP's connect to different interfaces. When Primary comes up, the interface will be different for outgoing/incoming traffic. Will the active rdp/web sessions/GlobalProtect/IPSEC tunnels drop when prima

...

raji_toor by L4 Transporter
  • 3006 Views
  • 2 replies
  • 0 Likes

DataPlane Restarted unexpectedly

As we have seen that in system log the dataplane is Restarted. When i  run this command show system resource follow i can see that  cpu utilization goes 100%. Please suggest as i run 8.1.7 PAN-OS version. 

 

 

 

Joshan_Lakhani_1-1596621967579.png
  • 23622 Posts
  • 107 Subscriptions
Labels