General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PA500 Restart Reason Log

I am trying to determine why a PA500 firewall was rebooted...i ran this command: tail mp-log masterd.log and got the below. I couldn't find any references for the restart reasons. How do i know if there was a power outage? Thoughts? 2018-11-28 13:37:13.158 -0500 INFO: l3svc: received user restart2018-11-28 13:37:13.172 -0500 INFO: l3svc: User re...

Expedition Tool Cisco to PA

I am having an Existing setup of cisco where all my ISP are terminated which is a standlalone device ,now migrating to PA 3220 with HA,but over here my ISP will be terminated on switch and from switch one cable to PA 3220 will be going...how do i migrate interfaces of all ISP(Approx 5) to Palo Alto(1).How do i do remap,in this case,will i need t...

Swetang by L1 Bithead
  • 2215 Views
  • 1 replies
  • 0 Likes

Custom Report Start and End Times Inclusive or Exclusive

I am exporting a Custom Report to a CSV and want to make sure I don't miss any data. Scenario 1: I want to include a full day's logs in one file For October 1, 2020. Would I set the start time to midnight and the end time to 11:59 PM, or would I put the end time to October 2, 2020, at midnight?Scenario 2: I want all the data for the full 8 AM ho...

Screen Shot 2020-10-03 at 1.48.55 PM.png

PANOS10 Security Policy Not Matching Randomly

Running a PA220 with PANOS 10.0.1 Simple NAT/Security policy in place to permit an outside application access on X port. Traffic flows as expected, although randomly traffic goes unmatched and is dropped by the FW. Jiggling the handle by remapping the port from 80 back to 2075 with commits corrects the issue. TAC has reviewed the configuratio...

jdigangi by L0 Member
  • 2907 Views
  • 3 replies
  • 0 Likes

Zscaler and Global Protect Compatability

Does anyone come across issues when we are running Zapp and Global Protect client together on MAC.We have GlobalProtect with split tunnel mode and we are in phase of migrating to Zscaler solution. We deployed Zscaler with ZIA enabled to for set users and people started complaining about performance issues.After couple of tshoots we decided to lo...

Resolved! Wildfire Virus detected on firewall but not on Wildfire Portal

Hi, the file t32.exe is considered as wildfire-virus Win32.WPCGeneric.cnp and blocked on the firewall.But when checking this file on Virustotal and eu.wildfire.paloaltonetworks.com/wildfire/ it is considered as benign. https://www.virustotal.com/gui/file/352df104254095ddf925514d99bfb5411c95b5386e90caf06557979f82e16844/detectionThe file is part o...

FMueller by L0 Member
  • 2980 Views
  • 1 replies
  • 0 Likes

Resolved! IPSec Transport Mode

I cannot find a way to configure the IPSec tunnel encapsulation to use Transport Mode versus Tunnel Mode in either the GUI or CLI ... anyone have insight into this?

aragone by Not applicable
  • 6251 Views
  • 4 replies
  • 0 Likes

Resolved! Query on Path monitoring

Will Path monitoring kick in if Enable HA is not selected?One of the KBs mentioned path monitoring failure which cause the loop condition.

HA.png
Link and Path Monitoring.png

Minemeld High Availability

MineMeld needs to be deployed in a high availability model, so if one goes down firewall will not start blocking allowed traffic from the rule base. What is the recommendation here?

Evaluation License

Hi guys, How do i get or buy evaluation license here? I do not see a link that suggest where to get or what process is needed. I'm running a PA lab on EVE-NG and wanted to be able to run Panorama. Now, i know to do that, i need to get a eval license. Please, help. Thanks

Resolved! Recommended Software release

Hi PAN Community! I'm just wondering if there's a dedicated page/link I can refer to if I want to confirm if a certain release is recommended or not. I don't want to raise a TAC case everytime. Thanks!

Rules check by logs with expedition

Hello, For one of our client , using PA 850 in cluster, They have 8 zones for voip , printer , camera etc And all the security policies are wide open. Now we want to restrict the policy by looking at logs from each zone towars other. Can we export logs from panorama to expedition to see or analyse it ? Or what is best approach to do reverse eng...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels