General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Field name of "Name" at Palo Alto Threat logs

May I know what is the field name of "Name" at Palo Alto Threat logs, i've checked the documentation on https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields but it

...

Resolved! DoS protection policy process order

Hi All,

Basic question and l think l know the answer but just would like to confirm.

Is it the same for the DoS protection profiles if you compare with normal security policies, fist match from top to bottom?

I have a general DoS rule with broad src an

...

panorama log sync within log collector group

We have one panorama virtual appliance [hostname: Panorama] running as mgmt server & local log collector -- Pan01 – [ collector-group : ac3 ]

2. There are other two virtual appliance pan02 & pan03 [dedicated log collectors ] will be added to

...

TCP / UDP Flood

Hi all,

I have set up a dos rule from outside to my server zone.

Why sometimes I can see attacker and victim IP and sometimes not?

Cisco ASA to Palo Migration for ACLs

It seems to me that the "migration" from Cisco ASA to Palo is not apples to apples. Working in ASA for quite some time I am able to control traffic as what I allow in to the interface....So if I have 14 security zones I can control what comes into in

...

Allow downloading from Akamai or other CDNs

PANOS 8.1

Hi all - I have ongoing issues with trying to control downloading of files from CDNs. An easy example is .cab files used by Microsoft Office templates. When you download a template it goes off to a page off: templatesmetadata.office.net, bu

...

Resolved! Multi VSYS, VRs and ARP tables?

Hello team,

I will be deploying a couple of 3250s in HA and multi VSYS, and VRs.

My main concern is that are we getting separate ARP tables per each VSYS/VR? Let me give you some more background about what we will try to achieve:

We want to create 4

...

Resolved! Block all traffic but a single IP Address

Let me start by saying that I am not a firewall expert by any means but I think the task I have is simple. I want to block all traffic through a PA-500 except for a single conversation between a dedicated machine on each side of the firewall. Is ther

...

Resolved! GlobalProtect VPN - Management Access

Hi,

Does anyone know a way to get access to the panos web management interface over a globalprotect VPN? We are using three interfaces on our firewall;

1 - Management Interface

2 - Trust

3 - Untrust

Global Protect is setup on the trust - and I have a r

...

Issues observed in PANOS 8.1

Hi All,

I upgraded the PANOS from 8.0 to 8.1 last week, current version is 8.1.0. Now I am observing some issues.

1. Traffic logs are not showing source user.

PA is connected with active directory via WMI, connection status is fine. Source User in sec

...

Resolved! Address to use for Tunnnel Monitoring with Azure VPN

I have used this KB article to configure an IPSec tunnel to an Azure network

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm6WCAS

That has worked fine and the tunnel is up and passing traffic. However I want to enable tunn

...

system mode = management-only
VM Mode = VMware ESXi
Firewalls = PA-3020
Version = All on 8.1.10

I have configured log forwar

...

Resolved! Commit Function on Suspended PA

When PA is in active passive mode.
I suspended the active PA and passive took over.

This is fine.

I did the config changes on the suspended PA and did the commit.
I saw that config changes from suspended PA got syn with active PA?

My understanding of s

...

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

How and Why to Accept a Solution to Your Post

Field name of "Name" at Palo Alto Threat logs

Resolved! DoS protection policy process order

panorama log sync within log collector group

TCP / UDP Flood

Cisco ASA to Palo Migration for ACLs

Allow downloading from Akamai or other CDNs

Resolved! Multi VSYS, VRs and ARP tables?

Resolved! Block all traffic but a single IP Address

Resolved! GlobalProtect VPN - Management Access

Issues observed in PANOS 8.1

Resolved! Address to use for Tunnnel Monitoring with Azure VPN

how to redistribute default route in palo alto with one peer-group

debug ip bgp equivalent in palo alto

Resolved! Log forwarding to Panorama from PAN-OS Firewalls for Threats

Resolved! Commit Function on Suspended PA

Unable to download new version

Edit personal information

best practice assessment option is not showing in paloalto customer portal

change default static route

Monitor Logs - filtering with wildcard?

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Failed to update content package

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Error installing dynamic update Apps

Unlock your full community experience!

Resolved! DoS protection policy process order

Resolved! Multi VSYS, VRs and ARP tables?

Resolved! Block all traffic but a single IP Address

Resolved! GlobalProtect VPN - Management Access

Resolved! Address to use for Tunnnel Monitoring with Azure VPN

Resolved! Log forwarding to Panorama from PAN-OS Firewalls for Threats

Resolved! Commit Function on Suspended PA