General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Active PA license expiring soon

 

We have PA in active passive mode.

Seems Active PA license is expiring soon.

 

Due to our internal process we can not get license in time.

 

If active PA license is expired will it work normally in Active passive mode?

MP18 by Cyber Elite
  • 3394 Views
  • 3 replies
  • 0 Likes

Resolved! Link or Path monitoring function

If I have not enabled any type of HA, can I still enable Link or path monitoring to trigger a firewall (not in HA) to go in suspend or non functional state ?

PS007 by L2 Linker
  • 3046 Views
  • 2 replies
  • 0 Likes

Resolved! LDAP auth for the WEB UI access clarification

Hi All,

 

Why do we need step 3 mentioned in the KB below for the WB UI authentication with LDAP?:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGuCAK

 

 

Why do we need to create a local user? Won't Palo be an LDAP proxy (gra

...

LDAP.PNG
myky by L3 Networker
  • 6712 Views
  • 6 replies
  • 0 Likes

False Positive (virus/win32.wgeneric.vnujo)

Dear Support,

 

Our customers have been reporting that palo alto is identifying our software as malware.

 

application ms-ds-smbv3
virus/win32.wgeneric.vnujo
ID 219797367

 

How can we proceed to whitelist our software permanently?

 

Thank you

prsi0203 by L1 Bithead
  • 6728 Views
  • 4 replies
  • 0 Likes

Resolved! How do you deal with Service Route and MGT port redundancy?

We had an outage that took out a switch, and the PA management port is connected to that switch. I was unable to access the UI or CLI, and VPN was unable to authenticate via LDAP. I found the issue was that all the Service Routes were set to default

...

Maxstr by L3 Networker
  • 4961 Views
  • 4 replies
  • 0 Likes

How to resolve invalid NAT rules in Expedition

I've downloaded and run the latest Expedition VM, and have imported my Cisco ASA config file, but Expedition says all my NAT rules are invalid.  Not clear what that means, and the instructions (link below) say nothing about how to resolve them.

 

https

...

Resolved! Checking for CloudWatch

Hi all,

 

Relatively new with Prisma and playing with the RQL. Would anyone be able to tell me if there's a query i can run that tells me if cloudwatch is enabled within an AWS environment?

 

Report wise, I tried running something against CIS compliance

...

Resolved! HIP logs review

Hi,

 

Need your insight !!

We have few VPN portals to meet HIP checks ( laptop - Domain and anti virus ) 

I could see the HIP logs in the HIP Match ( that means host passed the HIP match ?)

Or those logs that shows HIP match passed or failed ?

 

Any keyword

...

Resolved! Panorama Error

Getting below error in Panoram's  system logs :

 

Panorama has lost connection to its peer, no log will be forwarded

 

Though from Panorama all devices looks connected .Verifed the device status from panorma.

 

Anyone facing similar issue  ?

deepak12 by L3 Networker
  • 7814 Views
  • 4 replies
  • 0 Likes

NAT PPTP VPN

Hello, im trying to set up a NAT rule for a PPTP VPN tunnel.

I have set it up like this:

Source: untrust

Dest. zone: untrust

Source address: Any

Dest. address: lets say 20.20.20.20/32

Service: any

Source Translation: None

Dest-Translation:20.20.20.20/32

 

Secu

...

holten by L1 Bithead
  • 3341 Views
  • 1 replies
  • 0 Likes

TLS 1.3 support

Hi everybody,

any news regarding change of decryption from passive to proxy mode to support TLS 1.3 decryption?

Thank you,

Jan

  • 23721 Posts
  • 104 Subscriptions
Top Solution Authors
Top Liked Authors
Labels