This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

How will threat functionality work with asymmetric routing

Posted this on threat discussions but havent had any responses. Please help me understand what will happen in this case.

 

I would like to understand what will happen to Threat Protection and AntiVirus(TPAV) in the following case.  Both firewalls have

...

question.PNG
SuryaR by L3 Networker
  • 1796 Views
  • 1 replies
  • 0 Likes

Seeson end reason aged out

HI friends,

 

We have created interzone rule looks like below

 

<entry name="Rule1>
<profile-setting>
<profiles>
<url-filtering>
<member>default</member>
</url-filtering>
<virus>
<member>default</member>
</virus>
<spyware>
<member>Sinkhole</member>
<

...

Rule base management best practices

Hi Everyone,

 

I'm new to the Palo Alto firewall system. My experience is with Checkpoint firewalls. I've been asked by management to look into the best practices for rule base management.

 

Currently we go through the rule and look at every rule and try

...

Log retention in firewalls and panorama

Hi, I have the following question related to log management:

 

  • why PAN-70X0 can't send event logs to Panorama ?
  • are the event logs stored in compressed format ? If so, what is the compression ratio ?

 

Regards

 

Mario

Resolved! Panorama failover and connection to Firewall

We have M100 in active and PAssive mode.

Did failover where active was suspended and passive M100 became active

 

Check the firewall it still shows connected to Suspended PAnorama and it is active one from FW point of view?

is this by design?

MP18 by Cyber Elite
  • 2708 Views
  • 6 replies
  • 0 Likes

Boot Partition software version change

Can the software version of a boot partition be changed?  After upgrading to a new version PANos, without reboot no changes can be pushed from Panorama to the firewall.  Can this be revereted without reboot as well?  Or change the version listed for

...

Unable to change GlobalProtect user name on Mac

We have configured GlobalProtect for AlwaysOn using machine certificates for pre-logon. This works fine on both Mac and Windows. In the portal agent config we have also a gateway configured as Manual Only that the users can switch to for getting acce

...

pkaren by L1 Bithead
  • 2095 Views
  • 0 replies
  • 0 Likes

Resolved! Minemeld SSL Certificates

Hi - 2 questions:-

 

> How do we change the default SSL certificate on Minemeld?  Standard Apache cert replacement?

> If we have a custom source running SSL with a self-signed cert, can we force a HTTPS miner to ignore the cert error?

 

Thanks!

apackard by L4 Transporter
  • 22949 Views
  • 11 replies
  • 0 Likes

Resolved! Load Partial Config: merge vs append

When loading a partial config you have 3 options:  replace, merge, append.  I can't find a description anywhere as to what exactly each of these does!  Especially between merge and append.  I did see this KB article but it really doesn't explain the

...

ACS Accounting to PAN

I have Cisco WLC and use ACS for radius authentication.  I'm trying to configure PA FW to use those accounting logs for User ID.   I'm following this article but it's not working https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000

...

MikeC by L3 Networker
  • 1341 Views
  • 0 replies
  • 0 Likes

Packet Flow Sequence and Application Override

Hello everyone,

I have a question regarding the "AppID override" ,

In this article "https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0" we can read the following:

"
Special Note about Content and Threat inspection
Applicatio

...

Resolved! TLS 1.3 is Coming - How to deal with it????

My security counter parts came to me letting me know that in Chrome version 70.X+ TLS 1.3 will be turned on by default.  This appears to be causing problems in our current firewall deployment:

 

A/P HA-par 5220s running 8.0.10 (soon to be 8.0.12).

 

It l

...

TLS_Error.png
TLS_1.3.PNG

Problems with ping due to SSL decryption

Hello

we have PA 220 model

and when we implement SSL decryption we can observe the ping delay in our trust interface.THE cpu load is 50 %

when we turn off the SSL decryption everything is normal

Radmin_85 by L4 Transporter
  • 2228 Views
  • 2 replies
  • 0 Likes
  • 24197 Posts
  • 100 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks