General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

seattle-launch-live-community-r2b-1100x120.jpg
jdelio by Community Team Member
  • 493 Views
  • 1 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18210 Views
  • 41 replies
  • 32 Likes

Detect ipsec vpn tunnel down with remote palo alto peer

PA5020/PAN-OS 7.1.10 I am trying to develop a NAGIOS check to get an alert , when a vpn tunnel between PA's at different locationsis down. So far I have been looking at the ifup-status of the corresponding tunnel interface at the local firewall. It t...

Incorrect URL Category Displaying In Syslog

Hello, Since we have enabled Insufficient-content (PAN-DB) as a URL category a few weeks ago, some of these URL category logs are displaying in Syslog as an old Brightcloud category called Unconfirmed-Spam-Sources. We have not used Brightcloud for ye...

Rags by L2 Linker
  • 345 Views
  • 0 replies
  • 0 Likes

Group Mapping

Included Groups under Group Include list showing full LDAP distinguished name. Would someone be able to advise how to configure a firewall to display "DomainName\GroupName" instead? Thank youMarek

Resolved! How do I white list an external IP address?

I have a known external Nessus scanner that scans my external network every weekend. Every Monday morning, I've got hundreds of alerts due to these scans. I do not want to disable the scan alerting in general because if anyone else scans me, I want t...

Resolved! Dealing with Threat Alerts?

Hi Folks, We have Critical Threat Alerts emailed to us and usually its every couple of days we get a few alerts, mostly Apache Struts Jakarta. But over the last 4-5 days there has been a significant increase in threat alerts. 60-100 emails per day, s...

OMatlock by L4 Transporter
  • 1418 Views
  • 11 replies
  • 0 Likes

Resolved! Find cause origin saturation interface

Hi, When we detect that a communications channel is saturated because someone or something is downloading a large file or occupying the entire bandwidth. We do not know how to see in real time in the web interface of a PA-500 (firmware 7.1.6) that is...

image.png
image.png
Screenshot_1.jpg
Screenshot_2.jpg

Resolved! Question about Virtual Router and Policy Based Routing

Hi All, We are currently doing the migration from ASA 5550 to PA5020. We have totals of 4 interface in our environment. In ASA the routing is handle by Static route and pretty straight forward. As for Palo Alto, should I combine all the static route ...

PaloAltoRouting.PNG

Syslog-ng issue

I have a Kiwi Syslog-ng server reachable from Palo Alto Firewall MGMT interfaces. I generated a Self-signed Cert on PA Firewall and imported that into Windows' store for use in Secure TCP (SSL) communication in kiwi Syslog Server....but the firewall ...

PA-VM Cannot ping eth1/2 internal interface

Hi Guys, I am running a PA VM with a VM-100 license on vmware workstation 12.5. I have the mgmt interface bridged to my network and can access the PA GUI, CLI and the internet. For my internal interface i have setup eth 1/2 to vmnet3 and unchecked th...

vmnetcfg_2017-10-22_09-54-29.png

Resolved! Panos 8 inbound ssl inspection

Hi I have tried to turn this on and well... My server site has server cert and 1 intermediary cert.With decryption on it strips the int-ca from the reply ? I find that rather strange why it would do that.So this makes any request to that site fail

Resolved! Decrypt inbound inspection and panorama

Hi I can't seem to configure inbound decryption because I need to select a cert, but there is nothing in the drop down list ! is it just me ? Certs are kept in templates not device groups so seems a bit strange . Alex

Resolved! new panorama vesion 8 legacy adding disk

Hi, newly deployed ESXi vm panorama 8.0.2By default free space is 11gb this is ok.Then trying to add a new disk for exmpla 150gb.This is working with version 7.1 new panorama. Can we also make this work with new deployed 8.0.x panorama (legacy mode) ...

PanIst by L3 Networker
  • 4414 Views
  • 8 replies
  • 0 Likes

File blocking in windows shares

Hi Guys,Please need your support in blocking files when clients tries to copy files from local system to a shared folder on a server.I want to just allow text files and block all other files from being copied from local to remote server. Thanks

mahmoodm by L2 Linker
  • 759 Views
  • 1 replies
  • 0 Likes