General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Unencrypted HTTP basic authentication not flagged as a risk/threat?

I was doing a side-by-side comparison of various IDS/IPS sensors, including an inline Suricata sensor, as well as my PAN firewall. Suricata throws an alert if it detects that an HTTP Basic Authentication event crosses the sensor over an unencrypted connection, but the PAN firewall doesn't. This should throw an alert of some kind, as HTTP Basic A...

Master Key Deployment from Panorama

Has anyone deployed a new master key from Panorama to an HA pair? Following the process at https://docs.paloaltonetworks.com/panorama/9-1/panorama-admin/manage-firewalls/manage-the-master-key-from-panorama.html it doesn't mention anything about HA. Per https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/certificate-management/configure-the...

mb_equate by L3 Networker
  • 2188 Views
  • 1 replies
  • 0 Likes

Resolved! How to disable config sync in a HA pair?

Hello,I'am using to PAN devices in a HA pair, and i want to make some changes on one and not on the other before doing a switchover. Can i disable only config synchronisation and let all the other HA functionality up?Regrds.

asia by L3 Networker
  • 15757 Views
  • 6 replies
  • 0 Likes

Panorama - logs displayed for some firewalls are almost 20 hours old

Panorama 9.1.2 VM Both firewalls running 9.1.2 and forwarding logs to Panorama. For one firewall the logs in Panorama are current. For the other they are over 19 hours old for the traffic logs. There is a third firewall where Panorama shows logs more recent than 19 hours but still not current. NTP settings match on all devices and clocks sho...

certificate profile

Hi I want to use/setup a certificate profile for use with an EDL. The site - internal running minemeld. has multiple int CA.So for the profile, do I add only the last int CA or all of them.How does certificate profile work will it say okay if any certificate signed by any of the ca's work ?how can i limit it to just the last intCA... do i do tha...

Unable to send email alerts

I am trying to setup my PA to send email alerts, however when I try sending a test email I receive the following message "Failed to send email to gateway". I am using an SMTP relay server to relay emails from the PA to O-365. Does anyone have any recommendations on troubleshooting to see why it keeps failing?

Resolved! OID for CPU (DP)

Hi everybody, Anybody knows if there is an OID to get graphs of every DP of the CPU?are those the only OID for the CPU monitorizing?hrProcessorLoad.1 - 1.3.6.1.2.1.25.3.3.1.2.1hrProcessorLoad.2 - 1.3.6.1.2.1.25.3.3.1.2.2 Thanks a lot!

BigPalo by L4 Transporter
  • 2694 Views
  • 1 replies
  • 0 Likes

Floating IP for Active-Active pair VPN

Hi All, I'm trying to configure a Floating IP for a VPN on an Active-Active pair of 5220's. I have the Floating IP configured with the Active-Primary Device Priority 1 and Active-Secondary with Device Priority 100. The Interface IPs for both devices are in different subnets to the Floating IP. When I ping the floating IP from home, I see a log e...

a.jones by L3 Networker
  • 3494 Views
  • 2 replies
  • 0 Likes

Palo Alto connection Virtual wire drop User VPN anyconnect

Hi everyone,I am facing an issue where I setup my PA-850 as a transparent mode (virtual wire) and set the policy as default to allow all the traffic. Connection of my PA-850 is in between router and core switch. I can see all the traffic is passthrough the PA-850 without any issue however, some of the user from other branch connect through Anyco...

sayyidi by L0 Member
  • 2250 Views
  • 1 replies
  • 0 Likes

PA NGF SMB bruteforce behavior

Hi, Im wondering what is the behavior of SMB bruteforce vulnerability alert from PA FW. Vulnerability id (40004) SMB brute force seems to be triggered by a child signature 31696(SMB login attempt). Question is the child triggered every time there was a failed login? Regardless if the failed attempt was caused by entering the same password over ...

Session End reason & Application Status

I would like to know about Palo Alto firewall Session End reason, why we are getting those reasons & how we can resolve the issue. For example:tcp-rst-from-client—> it mean the client sent a TCP reset to the server.tcp-rst-from-server—> it mean the server sent a TCP reset to the client.Aged-Out -> Session Time out But I am looking f...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels