General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Wildfire False positivs ... more than usual

Hi community

 

In our environments we start getting more and more fals positivs from wildfire where documents (mainly docx and xlsx) are flaged as malicious without any reason, or at least a reason without details in the WF report. I wonder if you see

...

Remo by L7 Applicator
  • 3183 Views
  • 3 replies
  • 0 Likes

User dropped when uses GlobalProtect

Hello.

 

I have an issue when users use GlobalProtect to access internal resources (my policy is restricted by username).

PA Release: 8.1.11

GlobalProtect: 4.1.12-3

 

Initialy they access without any problem the whole set of resources and we see the user i

...

JuanAn by L1 Bithead
  • 3364 Views
  • 3 replies
  • 0 Likes

OSPF BPA PARAMETERS

Hi Everyone,

 

We r using OSPF over IPsec tunnel.We have two tunnels and failover dynamiclly.But when we r shutdown one tunnel there r many pinng loss(10 ping loss).We want to minimnize this value.Did any one do that before? Which value we should use f

...

Resolved! Destination NAT to other Port

Hey all,

there is a ssh server in an internal network. I want to access that server from public, but with source port for example 11111. The server listens on normal ssh port 22.

So I would like the firewall to do a port translation from 11111 to 22.

Is

...

MPI-AE by L4 Transporter
  • 6821 Views
  • 4 replies
  • 0 Likes

Resolved! Allowing Ads

I have a user who would like access to be able to view ads. This may or may not be a good practice, but I would like to know if this is able to be granted. For example, we granting access to something such as Facebook, I can create a policy and grant

...

Resolved! Authentication - Users are not matching with groups

Hello, 

 

I have a problem with authentication. I have configured a PAN integrated agent. 

 

I can see users authenticated. At the same time, the firewall is getting the groups from AD. But for some reason, the users are not matching with the groups. So

...

iscott by L2 Linker
  • 5963 Views
  • 3 replies
  • 0 Likes

bulk export of security zones on Panorama

Hello,

 

I am trying to get a list of all the security zones configured on all the firewalls from Panorama. Is this possible? whats the most efficient way of achieving this? I have over 50 devices and exporting security zones from each one is tedious.

...

Using Secure LDAP profiles

In March 2020 Microsoft will be releasing a Security Update which will disable the use of LDAP connections (cleartext over port 389) to/from Windows Servers - only LDAP Secure connections (default port 636) will be accepted by Windows Servers after t

...

PS007 by L2 Linker
  • 2661 Views
  • 1 replies
  • 1 Likes

Resolved! Palo 5220 (8.1.6h2) Throughput

All

We are pulling data from an a remote server to a SQL server, that sits behind the Palo, using SMB and FTP. The file size is 40G.

ALL links between the 2 servers are verified at 10G.

The transfer rate is being measured between 75MB and 120MB., apprx

...

mhs_coad by L0 Member
  • 1960 Views
  • 1 replies
  • 0 Likes

Netflow export into IPsec tunnel...

I'm trying to get netflow to export through a vpn tunnel on my PA-VM V9.1 firewall. My route and policy into the tunnel for the target collector is working because I can ping the collector through the tunnel. So I figure I need to change the default

...

megrez80 by L2 Linker
  • 4817 Views
  • 5 replies
  • 0 Likes

Troubleshooting GlobalProtect disconnects

I have a couple of users that say their active connections are suddenly disconnected. What is the best way to determnine the cause of the disconnection? Again this is an active session not a time out

jdprovine by L4 Transporter
  • 6018 Views
  • 3 replies
  • 1 Likes
  • 23590 Posts
  • 103 Subscriptions
Top Solution Authors
Top Liked Authors
Labels