General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 418 Views
  • 0 replies
  • 2 Likes

Recommended User-ID settings

I need some help understanding the recommended settings for Pan-OS agentless User-ID.

 

First, here are my current enabled settings.


Server Monitor tab:  I have "Enable Security Log" checked.   Server log monitor frequency is 20, server session read fre

...

ce1028 by L4 Transporter
  • 9606 Views
  • 5 replies
  • 0 Likes

Resolved! HA suspend state warning message

We were testing our HA fail over,we suspended primary and failover happened,we then suspended secondary thinking it would fall back to primary,however primary was still suspended,so it caused an outage.

 

We understand it was a human error but We were

...

Global protect-DNS

Good afternoon/morning/evening everyone, 

I have an interesting one:I have a group of offshore developers and I thought about setting up a few access routes, doing split tunneling, however the problem is that my DNS being pushed for the agent is my DN

...

TS Agent not working for Windows File Explorer

Hi!

 

We found out, that it is not possible to track the user when he starts a Windows-File-Explorer via Citrix. Source-Port is used from the System-Context and not from the User-Context.

This behaivour is confirmed by Palo Alto, and it seems to be simi

...

EDL list used in policy has no valid entries

Hi Community.

I have configured PA to fetch EDL of type IP addresses from EDL link "https://panwdbl.appspot.com/lists/ettor.txt" for blocking tor. 

I am able to see that the list is getting populated. But occasionally I am getting below warning while c

...

Resolved! Credential submission detection with SSO

Hi,

 

Anyone knows if Credential submission detection works correctly with users that introduce the credentials via SSO in several webs?

the firewall is capable to identify every time the credentials were submitted on a new web via SSO?

 

I didn't find an

...

Where do I turn this off?

 

 Getting a warning every time I hit okay on an interface that I already know has management enabled is irritating. Where do I turn this pointless warning off in the settings?

warning.PNG

Push Public IP's down via Global Protect

I have a possible need to push some of my public IP's down through my Global Protect clients.

 

Meaning an associate at home will hit my public IP via GlobalProtect and not from the Internet side. 

 

Can this be done... Or is it a bad idea in Palo Alto L

...

Network slowness after changing the fw

Hi,

 

We have change a PA3020 devices cluster, with a PA3220 cluster. After changing them we are having slowness issues in the network.

 

After doing some troubleshooting we have seen that the issue is with SMB and also with the Internet connection. If w

...

Connections Per Second Per host?

Has anyone found a way to see a hosts generated connections per second? In other words we want to hone in on a specific host and see the CPS being generated in either a live or post event.

 

All I have found so far is global cps (show session info)

 

Tha

...

Cisco ACI plug-in Synchronize Error

We have completed the installation and integration of the Cisco ACI plug-in to our panorama environment. We have found that on 2 of the 3 APIC clusters we are tied into for 3 different fabrics we get the following error on synchronization.

'State of A

...

aci.jpg

snmpd crashing even after manual restart

Hi there,

 

We have 2 PA-3020 in our environment working as active/passive.
Recently after upgrading to PanOS9.04, both boxes are presenting issues with the snmp daemon. At first the problem was easily fixed with manual restart of process, and than beca

...

UNIRIO by L1 Bithead
  • 7255 Views
  • 3 replies
  • 0 Likes

intermittent dataplane CPU spike

@BPry 

I am seeing the dataplane cpu spike to over 90% for about 5 minutes and then drop to normal. It comes intermittently with not regularity to when it occurs. I have been doing the show running resource-monitor, show system statistics,  and showin

...

jdprovine by L4 Transporter
  • 4651 Views
  • 3 replies
  • 0 Likes
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels