General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Log export error

Hello All, I am facing issue to export traffic logs from the firewall in CSV format. getting the error "no jobs query found". Troubleshooting:-* Increased the CSV row number up to 1048576.* I can export URL filtering logs, security policy, NAT policy in CSV format.* Applied filter in traffic logs for 10 minutes but still getting the same error.*...

VSYS Migartion Query From DC5220 to ISP 5050

Spoiler (Highlight to read)Hi Team,I have below network ArchitectureUpstream Internet Firewalls PA 5050 Active/StandbyDownstream Datacenter Deployment 5220 Active/StandbyNow We have 2 VYS in DC 1 is Normal 2nd DMZ Vsys.Now i have to remove DMZ vsys to ISP can some guide how to remove vsys from datacenter 5220 to ISP 5050.ISP-PA5050-connected 5k ...

CLI/API command to verify Panorama push diff

Do you know of a CLI command or a rest API call to push and to show the changes of configuration to be pushed to a firewall from Panorama? I am trying to automate the process, but could not find any references.

batd2 by L4 Transporter
  • 2606 Views
  • 1 replies
  • 0 Likes

Resolved! MDM Integration Service Cannot Be Started

I'm getting the following start error message on Windows Server 2019 running ID-Agent. The MADebug file shows the following as well.------------MDM Service is being started------------11/10/20 15:52:06:552[ Info 1414]: Os version is 6.2.0.11/10/20 15:52:06:552[ Info 480]: Load debug log level Info.11/10/20 15:52:06:552[ Info 483]: Product vers...

Screen Shot 2020-11-10 at 16.01.40.png
Screen Shot 2020-11-10 at 16.02.52.png

Resolved! Route path monitoring and tunnel monitoring together?

I'm switching to route path monitoring for VPN backup failover and would like to keep my tunnel monitoring active for down/up tunnel email notifications. I can set the tunnel monitoring to wait to recover. Can I use both of these at the same time and work as intended? Thank you.

treese by L3 Networker
  • 3776 Views
  • 2 replies
  • 0 Likes

Resolved! Aggregate vs Zone protection profiles

We have separate zone protection profiles for each zone. And the definition of aggregate says that "all thresholds apply to the entire group of devices specified in a DoS Protection policy rule". So if we are trying to protect servers in DMZ, unless we use smaller groups (for which our environment doesn't seem to have a usecase). Do we even need...

raji_toor by L4 Transporter
  • 3310 Views
  • 3 replies
  • 0 Likes

Panorama Version 10.0.1 Cant see Traffic logs from Palo-Alto Device

Hi Guys,Devices:1. Panorama Version 10.0.1 Model VMware ESXi2. Palo Alto Cluster Active/Passive Version: 10.0.1 Model: VMware ESXi VM License: VM-100 Problem:Logs that send from Palo alto to panorama cant be seen under the monitor Traffic tab and cant be sent to the Syslog server.directly from the Palo alto, we can see the logs under monitor tab...

pan.JPG
pan2.JPG
itaymel by L0 Member
  • 4357 Views
  • 3 replies
  • 0 Likes

Temporary disable Miner / Malwaredomainlist offline

Hello! Does anybody know how to temporary disabel a miner without deleting it from config ? Problem is, that currently www.malwaredomainlist.com gets resolved to 127.0.0.1 and the miner alerts in the log files with basepoller._poll ERROR: Exception in polling loop for Malwaredomain_IPs: HTTPSConnectionPool(host=www.malwaredomainlist.com, por...

HA sync option not showing in Panorama

Hi Team, I import the configurations from managed device to panorama then export to managed devices of our A/P firewalls. everything went well. but when I see the summary on panorama passive device template showing as in sync but active device template disappear. PFA below for your reference,

Resolved! Managing Windows Services

Ok, so this may be a stupid question, but I have a server that has a web service running under a domain\webservice account. I want to define a security policy for the service, but the firewall does not consistently get the correct user. After a reboot the user is right, but if I sign on to the box the user becomes me instead. I have tried the...

Pre-Logon Issue

Hi Team, I have configure the Pre-Logon but it's not working (T5208) 10/26/20 14:04:11:874 Debug(9110): SSO password is empty(T5208) 10/26/20 14:04:11:874 Debug(2462): m_preUsername pre-logon(T5208) 10/26/20 14:04:11:874 Debug(9070): Password is empty.(T5208) 10/26/20 14:04:11:874 Debug(2483): CheckCachedPortalForPrelogon 0, PrelogonNeedTimeout...

user based policy not working even if the log shows correct username.

Hi Team, I am facing an intermittent issue as follows.- I have a policy based on the username in domain\username format (Domain in NetBIOS name).I can see sometimes user traffic is not hitting this policy, but the traffic log shows with the correct username (domain\username - hope this eliminates the chance of domain normalization issue).-As the...

Split tunneling issue for office 365 applications

Recently enabled split tunneling for our Global protect VPN, and have added some domains into the split tunnel. For some users domain split tunneling doesn't work. The domains configured to be included in the split tunnel are as follows *autologon.microsoftazuread-sso.com*enterpriseregistration.windows.net*.microsoftonline.com We are trying to a...

Resolved! Upgrading heavily used PaloAlto Firewalls

Hi, I am about upgrade some PaloAlto firewalls with 10s of Vsys but wondering what would be a good report to generate to identify traffic flows for pre and post checks as well as identifying impact to services. any help will be appreciated. Regards,

qasim02 by L2 Linker
  • 7003 Views
  • 6 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels