General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

"OSPF-neighbor-down"- software bug??

I'm currently running 8.1.10 on PA-820 firewalls. They are in A/P failover pair. Last night, all of a sudden primary firewall started showing "( eventid eq routed-OSPF-neighbor-down )" in system logs and OSPF went down. I failed over to secondary and connections were restored. These 2 firewalls are connected to 2 switchports which are both part ...

Resolved! Panorama and VMs in Google Cloud (GCP) : VM information sources

Hi Everyone, I am testing 8.x and 9.x VM series NGFW in Google Cloud Platform and I am testing integration into Google SDN fabric.I successfully created a VM information source feed and some Dynamic address Groups using GCP fabric filters (network tags, hostname, etc) I noticed that the information retrieved from the fabric is only related to th...

Resolved! Use destination networks even with App-ID specified?

I've been creating security rules to allow Traps Management (with the traps-management-service App-ID) pretty tightly by also defining destination networks (using FQDN objects for the multiple <tenant>.traps.paloaltonetworks.com and common contentprod and distributions hosts). According to the documentation on https://docs.paloaltonetworks...

GlobalProtect client not consistent

I am building out a test environment using GP as always-on/prelogon. The issue that I am seeing is that one test user, this seems to work fine and another test user it does not. Both users are running the same PC type and same Windows 10 updates into the same AD environment for in office authentication. Current GP version 4.1.12 (I am trying to ...

High CPU on fresh minemeld ansible install

Hello, I just installed minemeld on Ubuntu 18.04 (with a few tweaks from here) and the setup was working. But now I have a VM that consumes 2 full CPUs since about 30 minutes. When I try to login to the admin web interface I get after a few seconds the message "error checking credentials - timeout" in the right top corner and nothing happens. Is...

Deas.h by L1 Bithead
  • 5491 Views
  • 7 replies
  • 0 Likes

URL filtering

Hi All,Hope all doing good.When i access one of internet website PA categorize as ssl/443-allowed and one of the user accessing the same website PA categorize it as web browsing/80 and is blocked/Threat.Why is it behaving this way? Is this issue with website or from source side.Can someone please explain?Traffic log- 443/ssl allowed and 80/web b...

Nizmytom by L0 Member
  • 3990 Views
  • 4 replies
  • 0 Likes

Delay in SSH

Iam facing delay issue of 10-20 seconds occurs between the time the username is input and a password prompt.

Resolved! DPD bug with ipsec on 9.0.5

I have a IKE1 tunnel setup.Life time for ph1 and ph2 is 8 hours. For some reason the other end drops at 6 hours .. not sure why. But the PA keeps the tunnel up. I have confirmed this numerious times screen sharing situation and I can confirm that no packets have come from the other side for over 30 min. My DPD is set 10 2 ... in 20 sec it shoul...

HOW TO Allow interface to access ethernet interface configured as Managment

We have a 2 system (firewall and RHEL7 server) configuration that has been set up to allow management access through ethernet1/11. What i am trying very unsuccessfully to do now is configure ethernet1/12 to be able to connect to the managment interface.1/11 is set up to do DHCP so our laptops can connect for GUI use. I would like the RHEL7 serve...

rwolsen by L1 Bithead
  • 10531 Views
  • 6 replies
  • 0 Likes

Resolved! Log forwarding issue

Hi team, i have deployed palo alto firewall on AWS environment and ran into some issues when trying to send the logs over to a syslog server.when i use a syslog server that is not in the same subnet as the management interface and tried to manually set the right 1.interface in the service route configuration it didnt let me choose any of mu inte...

Suspicious traffic from internal to External IP

Hi All, Recently on my SIEM console. I could observe the web traffic from the internal host machine towards the blacklisted IP over the port 443. Alert was flagged by the PaSeries (Palo alto firewall). Two events I have observed 1) CryptoMiner.Gen Malicious Script Detection2)Traffic End First event contains below informationApplication=web-brow...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels