General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Palo URL Categorisation process

We have been attempting to use URL Filtering to block access to web based email using the Palo Alto URL Category web-based-email.We have found however that there are many web based email services that are not included in this category, including one of Australia's Largest ISP's telstra. The url for this service is email.telstra.com. I though i...

DaMonk by L0 Member
  • 3565 Views
  • 2 replies
  • 0 Likes

Resolved! UUID and HA - dashboard running config not sync'd with peer

We have updated an PA-220 HA pair to 9.0.7 and as expected see Policy Rule UUIDs. We also manage a separate population of FWs by Panaorama 9.07. From the release notes for HA deployments: policy rules sent by Panorama with apply to both HA member firewalls so they have the same UUIDpolicy rules applied not applied by Panorama with have different...

Carbon Black Threat Feed

Hi, I noticed in the code that if you use the v=carbonblack parameter on a feed node it spits out a Carbon Black Response formatted feed which works to the point you can load it into Carbon Black Response (ie CB accepts it and it appears with the Minemeld logo etc). However only one of my feeds shows any indicators (I have a Domain, IPv4 and URL...

mpg300 by L0 Member
  • 3018 Views
  • 1 replies
  • 0 Likes

Resolved! VLAN Palo Alto

Hi, I am fairly new to this firewall PA-220R. I have a workstation that has 5 NIC's. One is on a 192.168.100.0/24 range and the other is on a 192.168.130.0/24 range. The 100.0 range can reach the firewall. I have a device plugged into port 4 of the firewall with an IP of 192.168.130.100. How can I setup a route or access the device in the 192.16...

Resolved! DSCP TAGING

Hi could you confirm me, if the tagging DSCP is not flushed via the Palo Alto.I need to use an avaya VOIP solution and a dscp tag 46 is added to the packet.thank's

Gregoux by L4 Transporter
  • 9273 Views
  • 4 replies
  • 0 Likes

Global protect missing routes in clients

Hi, We are having a strange GP issue. We have two users in the same AD group and same configuration. userA: when this user connects to GP, everything is working fine, all the GP access routes are in his route table.userB: when this user connects to GP, not all the access routes are being imported in his routing table. We have tried both users in...

BigPalo by L4 Transporter
  • 5667 Views
  • 3 replies
  • 0 Likes

Resolved! What is a Master Device in Device Groups?

What role does a Master Device in a Device Group play?Is there special communication with the Master Device, as a dependency? If the Master Device goes down, is there a re-negotiation?Is this Master Device affected with the standup of HA?

erantanen by Not applicable
  • 14252 Views
  • 3 replies
  • 1 Likes

Recaptcha in websites work intermittently - Palo Alto

For all the websites, the recpatcha seems to give an error but works when we keep trying.We have tried different browsers and machines and seems to be same issue.We isolated bypassing palo alto and seems to work correctly. Can this be a issue related to Palo alto? Below are the website that they use for the recaptchahttp://patrickhlauke.github.i...

recaptcha.JPG

unkown-tcp after app & threat 8274-6098

Hello hoping someone is having the same issue - it seems any app and threat update i complete from 8274-6098 18/05/2020 is causing nearly all my traffic to appear as unknown-tcpthis stops my global protect portal, internet browsing traffic and NATd traffic via load balancers i seem to getStart - Web-browsing - 443Deny - unknown-tcp - 443End - SS...

Response page to user when file is sent to wildfire cloud....

Hi Team, I wish to know that when firewall sends any file to wildfire cloud for getting its verdict. It takes some minutes to get verdict, during this period what response page a user will get who was trying to download that file which has been sent by firewall to wildfire cloud.Can we configure response page in PA for this. Thanking You in adva...

  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels