General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 274 Views
  • 0 replies
  • 1 Likes

getting frequent wildfire updates

Every 5 mins getting alerts related to Wildfire

 

 Previous week, we have alert now and then but not this often (5-10 alerts per week)

 

what can be the cause if sudden spike in updates??

 

It's a medium level system alert saying "Successfully registerted

...

syslog reports (web usage)

Hi all,

 

I do daily scripted syslog reports for traffic through the firewall. PA syslog messages are pretty good actually. However, the only messages that have something that resembles URL is the messages of the "THREAT url" pattern. Now, I accasional

...

au_igs by L1 Bithead
  • 5034 Views
  • 8 replies
  • 0 Likes

connect-server-monitor-failure

Has anyone experienced numerous of these "connect-server-monitor-failure" alerts when using agentless user ID?

 

I have 20+ firewalls using a few specific domain controllers to get user ID info, but these alerts are constantly, 100's an hour.

 

It seems

...

MikeC by L3 Networker
  • 12283 Views
  • 7 replies
  • 0 Likes

User-id doesn't work on SSID

I have PAN UID agent mapping IP-to-usernames. It works like a gem for internal users but not on the DMZ which allows company phones with their AD creds. I am not seeing any usernames for these users although they authenticate against AD server. has a

...

NAT + DIPP question

Hi - we have experienced an issue where users in a certain zone were having intermittent problems accessing the internet. We speculated that there could be a NAT issue, and the pool might be full, or translations just werent working. The pool is larg

...

Palo NAT question.png

POC in AWS - Palo Alto Active/Active under NLB

Working on a POC. 

 

Have two firewalls sitting under an NLB. One of the firewalls routes traffic to database. This appears to be a limitation on the VPC route tables. 

 

With traffic from App server destined for the DB, it goes through AZA palo alto. 

 

W

...

PXE Boot Not Working

Hello everyone,

I have a new issue where a PA3020 has been placed between Client and Server subnets on the network. Since this install, building new PCs using PXE boot and deploying Applications using Windows SCCM no longer works.

The build starts and

...

Bocsa by L3 Networker
  • 9888 Views
  • 4 replies
  • 0 Likes

Resolved! User ID and LDAP configuration

Hi ,

I am a beginner to PA Networks.

Can anyone please provide any document to configure the LDAP tree structure in WIN 2008 sever AD. So that PA user agent fetches the user - ip mapping information.

Thanks

Auto update of trusted root CA

Hello,

 

Our PANs are not updating the list of trusted root CA certificates which is causing issues with services such as Microsoft Skype for Business and other applications as we have SSL decryption enabled. Using PAN-OS 8.0.7

For example, Microsoft us

...

Farzana by L4 Transporter
  • 5898 Views
  • 2 replies
  • 1 Likes

Analysis ransomware

Hi,

 

One of our servers have been infected by any kind of ransomware. We can see several files encripted. So we are seeing any evidence about the infection in the PA. The only trace that we saw in PA is that the infected server sends many dns sessions

...

AV.JPG
BigPalo by L4 Transporter
  • 4541 Views
  • 4 replies
  • 0 Likes

Resolved! MS Updates blocked

It appears as though all of the sudden ms-upate traffic is being picked up as either session-end reason threat or n/a and updates are failing on my MS servers. Regardless of the server they all seem to be hitting the unidentified default rule at the

...

  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels