General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Configuring external connection through a switch

Hi,


Initial config query! We currently have 2 leased lines going into a managed switch for failover capabilities with then a single cable going into our existing firewall (Zywall).

This weekend we would like to switch out the existing firewall with our

...

fa2019 by L0 Member
  • 3538 Views
  • 4 replies
  • 0 Likes

SSL decryption( Some traffic is not decrypted)

Dear All,

 

I have applied SSL forward decryption in my Paloalto, then i observed some traffic are decrypted and some traffic not decrypt.

Example:- I have applied the decryption in social-networking (Facebook traffic is decrypted but Snapchat traffic i

...

Diplay file in disk folders

Dears,
when I apply following command
show system disk-space
many folders displayed. can you help me to display all files in this folders (/opt/pancfg,/opt/panrepo, /dev/shm, and /opt/panlogs) ?

Filesystem            Size    Used   Avail Use% Mounted on

/

...

Wildfire False positivs ... more than usual

Hi community

 

In our environments we start getting more and more fals positivs from wildfire where documents (mainly docx and xlsx) are flaged as malicious without any reason, or at least a reason without details in the WF report. I wonder if you see

...

Remo by L7 Applicator
  • 3062 Views
  • 3 replies
  • 0 Likes

User dropped when uses GlobalProtect

Hello.

 

I have an issue when users use GlobalProtect to access internal resources (my policy is restricted by username).

PA Release: 8.1.11

GlobalProtect: 4.1.12-3

 

Initialy they access without any problem the whole set of resources and we see the user i

...

JuanAn by L1 Bithead
  • 3203 Views
  • 3 replies
  • 0 Likes

OSPF BPA PARAMETERS

Hi Everyone,

 

We r using OSPF over IPsec tunnel.We have two tunnels and failover dynamiclly.But when we r shutdown one tunnel there r many pinng loss(10 ping loss).We want to minimnize this value.Did any one do that before? Which value we should use f

...

Resolved! Destination NAT to other Port

Hey all,

there is a ssh server in an internal network. I want to access that server from public, but with source port for example 11111. The server listens on normal ssh port 22.

So I would like the firewall to do a port translation from 11111 to 22.

Is

...

MPI-AE by L4 Transporter
  • 6237 Views
  • 4 replies
  • 0 Likes

Resolved! Allowing Ads

I have a user who would like access to be able to view ads. This may or may not be a good practice, but I would like to know if this is able to be granted. For example, we granting access to something such as Facebook, I can create a policy and grant

...

Resolved! Authentication - Users are not matching with groups

Hello, 

 

I have a problem with authentication. I have configured a PAN integrated agent. 

 

I can see users authenticated. At the same time, the firewall is getting the groups from AD. But for some reason, the users are not matching with the groups. So

...

iscott by L2 Linker
  • 5513 Views
  • 3 replies
  • 0 Likes

bulk export of security zones on Panorama

Hello,

 

I am trying to get a list of all the security zones configured on all the firewalls from Panorama. Is this possible? whats the most efficient way of achieving this? I have over 50 devices and exporting security zones from each one is tedious.

...

Using Secure LDAP profiles

In March 2020 Microsoft will be releasing a Security Update which will disable the use of LDAP connections (cleartext over port 389) to/from Windows Servers - only LDAP Secure connections (default port 636) will be accepted by Windows Servers after t

...

PS007 by L2 Linker
  • 2528 Views
  • 1 replies
  • 1 Likes

Resolved! Palo 5220 (8.1.6h2) Throughput

All

We are pulling data from an a remote server to a SQL server, that sits behind the Palo, using SMB and FTP. The file size is 40G.

ALL links between the 2 servers are verified at 10G.

The transfer rate is being measured between 75MB and 120MB., apprx

...

mhs_coad by L0 Member
  • 1850 Views
  • 1 replies
  • 0 Likes
  • 24298 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels