General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 259 Views
  • 0 replies
  • 1 Likes

SSL decryption( Some traffic is not decrypted)

Dear All,

 

I have applied SSL forward decryption in my Paloalto, then i observed some traffic are decrypted and some traffic not decrypt.

Example:- I have applied the decryption in social-networking (Facebook traffic is decrypted but Snapchat traffic i

...

Diplay file in disk folders

Dears,
when I apply following command
show system disk-space
many folders displayed. can you help me to display all files in this folders (/opt/pancfg,/opt/panrepo, /dev/shm, and /opt/panlogs) ?

Filesystem            Size    Used   Avail Use% Mounted on

/

...

Wildfire False positivs ... more than usual

Hi community

 

In our environments we start getting more and more fals positivs from wildfire where documents (mainly docx and xlsx) are flaged as malicious without any reason, or at least a reason without details in the WF report. I wonder if you see

...

Remo by L7 Applicator
  • 3224 Views
  • 3 replies
  • 0 Likes

User dropped when uses GlobalProtect

Hello.

 

I have an issue when users use GlobalProtect to access internal resources (my policy is restricted by username).

PA Release: 8.1.11

GlobalProtect: 4.1.12-3

 

Initialy they access without any problem the whole set of resources and we see the user i

...

JuanAn by L1 Bithead
  • 3404 Views
  • 3 replies
  • 0 Likes

OSPF BPA PARAMETERS

Hi Everyone,

 

We r using OSPF over IPsec tunnel.We have two tunnels and failover dynamiclly.But when we r shutdown one tunnel there r many pinng loss(10 ping loss).We want to minimnize this value.Did any one do that before? Which value we should use f

...

Resolved! Destination NAT to other Port

Hey all,

there is a ssh server in an internal network. I want to access that server from public, but with source port for example 11111. The server listens on normal ssh port 22.

So I would like the firewall to do a port translation from 11111 to 22.

Is

...

MPI-AE by L4 Transporter
  • 7066 Views
  • 4 replies
  • 0 Likes

Resolved! Allowing Ads

I have a user who would like access to be able to view ads. This may or may not be a good practice, but I would like to know if this is able to be granted. For example, we granting access to something such as Facebook, I can create a policy and grant

...

Resolved! Authentication - Users are not matching with groups

Hello, 

 

I have a problem with authentication. I have configured a PAN integrated agent. 

 

I can see users authenticated. At the same time, the firewall is getting the groups from AD. But for some reason, the users are not matching with the groups. So

...

iscott by L2 Linker
  • 6112 Views
  • 3 replies
  • 0 Likes

bulk export of security zones on Panorama

Hello,

 

I am trying to get a list of all the security zones configured on all the firewalls from Panorama. Is this possible? whats the most efficient way of achieving this? I have over 50 devices and exporting security zones from each one is tedious.

...

Using Secure LDAP profiles

In March 2020 Microsoft will be releasing a Security Update which will disable the use of LDAP connections (cleartext over port 389) to/from Windows Servers - only LDAP Secure connections (default port 636) will be accepted by Windows Servers after t

...

PS007 by L2 Linker
  • 2678 Views
  • 1 replies
  • 1 Likes

Resolved! Palo 5220 (8.1.6h2) Throughput

All

We are pulling data from an a remote server to a SQL server, that sits behind the Palo, using SMB and FTP. The file size is 40G.

ALL links between the 2 servers are verified at 10G.

The transfer rate is being measured between 75MB and 120MB., apprx

...

mhs_coad by L0 Member
  • 1987 Views
  • 1 replies
  • 0 Likes

Netflow export into IPsec tunnel...

I'm trying to get netflow to export through a vpn tunnel on my PA-VM V9.1 firewall. My route and policy into the tunnel for the target collector is working because I can ping the collector through the tunnel. So I figure I need to change the default

...

megrez80 by L2 Linker
  • 4894 Views
  • 5 replies
  • 0 Likes
  • 23628 Posts
  • 107 Subscriptions
Top Liked Authors
Labels