General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

so TLS 1.3 got IETF branded

hey there,

 

since tls 1.3 is now a ietf standard, is there any use running ssl-decryption in the close future?

as far i understand 1.3 documents, it "looks like" 1.2 for the firewall, so there's no way to just block 1.3 and force both parties to downgr

...

ADK999 by L1 Bithead
  • 4450 Views
  • 6 replies
  • 0 Likes

Resolved! HA Active/Passive MAC address

Hello - In PaloAlto 5220 appliance configured in Active/Passive mode, both the Firewalls do have the same MAC address on interfaces. For example ETH 1/1 of active and standby Firewall have the same MAC address after cluster/HA was created.

 

These the

...

Redirect Users to GPCS Portal for Agent Download

I am trying to figure out a way to automatically get users to my GPCS portal so they can download agent. I have tried setting up the captive portal but that doesnt seem to do more than authenticate my users so i have user-ID info. Would there be a wa

...

PA200 not enought network port

Hello everyone

I have a PA200 which has only 4 network ports. But now I have 2 direct internet connections and 2 4g connections and 1 is uplink to my network. Would it be possible to connect a port of the pa200 not directly to the router but to a smal

...

Lotus Notes decryption

We have a potential customer who would like to analyze email attachments in sandbox. They are using Lotus Notes as their mail application/server. Has anyone tried decrypting Lotus Notes traffic? 

Because if this doesn't work the only solution is a cli

...

santonic by L6 Presenter
  • 2946 Views
  • 9 replies
  • 0 Likes

Swapping the roles of Firewalls in HA Pair

Hi Guys

 

I want to swap the Active/passive roles of the Firewalls in HA pair and let it run for couple of weeks.

I know that can be done by 'suspending the role' from GUI and from CLI too.

want to be careful about pre-emption and donot want to break the

...

R_Sharma by L2 Linker
  • 2826 Views
  • 6 replies
  • 0 Likes

Blocking XPS file types

As of late, Ive been seeing more and more xps file types tied to phishing attempts. PAN does catch it "Microsoft Phishing Site Detection", but as a for production. XPS files are not needed.

 

But as simlar files types are list to be blocked "pdf's, etc

...

k.truex by L1 Bithead
  • 1896 Views
  • 2 replies
  • 0 Likes

Resolved! Mining Domains from mixed IP/Domain List

Hi guys,

 

I would appreciate some help withe this issue. I wanto to mine domains from a list that has IP/Domais mixed. The list has on the top a short description whose lines start with the "#" character. Thats fine, I can use the "ignore_regex ^#" to

...

Minemeld and production installation

 Hi,

 

I'm considering how to do some of the following, if anyone has advice or links to documentation I'm not finding I would appreciate it:

 

  1. Export the configuration in a way that any local custom miners are also backed up, meaning the restore is a li
...

chirss by L3 Networker
  • 3319 Views
  • 1 replies
  • 2 Likes

Resolved! Panorama VM-Series Multiple Interface support

Hi Guys,

 

We are planning to deploy virtual Panorama for one of our customers on ESXi platform. One of the requirements is that customer wants to have read-only access to the Panorama management. So we were discussing the solution to attach two interf

...

FW Logging Prefix list

Can any one confirm that when we configured log collector group with two managed log collector (both active and passive Panorama's) and if see the logging status on the firewalls does it show only the Active Log collector or both Active and Passive l

...

Sanssj by L2 Linker
  • 1335 Views
  • 2 replies
  • 0 Likes

Resolved! Filtering for security policies with DSRI enabled

Has anyone found the syntx to search in the security rule-base for any rule that has "disable server response inspection" enabled.

I attempted using 

disable-server-response-inspection eq 'yes' and other modifications of that similar syntax with no luc

...