General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Wildfire submission log

I don't understand wildfire work.I have this example that Firewall had wildfire-virus signature but was created wildfire submission log before wildfire-virus identificationwhy?

wildfire log.png
hbshin by L2 Linker
  • 5870 Views
  • 4 replies
  • 0 Likes

Packet capture

We have an issue with SIP sessions randomly hang on the firewall. We are trying to do packet capture on the Palo alto firewall. Since the issue is random, so we need to leave the packet capture on until it happens next time. It seems the firewall automatically turns off the packet capture after about 10 to 15 minutes. Is that by design? Is there...

Prevent Global Protect connecting when on internal network

After some advice please. How can I prevent Global Protect client from trying to connect to an external gateway when the device is on an internal known corporate network ? My connect method is already set to On-demand (manual user initiated connection) but it still attempts to connect at device logon. Thanks

Error: "Detected another instance" An old GlobalProtect instance exists... (Mac 10.14.5)

New Macbook pro, MacOS 10.14.5 the user account and applications were migrated using migration assistant.In the past this works fine. User is getting continual popups: Steps taken: uninstalled using globalprotect installer. Reboot. Reinstall. Same error.Uninstall client again, in terminal ran support document steps to detect enforcer kernel exte...

3097_Screen Shot 2012-06-21 at 6.51.17 PM.png

PA-5220 HA Configuration

Please can someone shed some light on the following issues which we are facing for PA-5220 HA Configuration:We can see port lights on HSCI port but not on HA-1/HA-2 ports even when they are connected,. Should they be enabled somewhere because in GUI i can just see in-band ports till port 24.How can we setup HA using dedicated ports, because in D...

Connection between two DMZ zone with MPLS

Hello,We have a server on the DMZ zone and another server in the other DMZ site.We need to allow traffics between the two DMZ zones with the MPLS connection.I don’t know how can I put this configuration on my PA firewall or maybe I should contact my MPLS provider to do this act on the MPLS router?I will appreciate your help or suggestion to solv...

ra7oub4 by L2 Linker
  • 3197 Views
  • 1 replies
  • 0 Likes

IPSec / returning ESP packets dropped when terminating interface is in a different zone

Hi all,I have an IPSec tunnel connecting to an old SSG. Tunnel came up successfully and SSG can see the traffic and is returning correctly into the tunnel. However PAN's decrypt counter remains 0. When i did a packet capture, the returning ESP packet is dropped shown below Frame 43 and 47:The setup i have is:eth1/1 - ISP WAN in zone "outside"loo...

dropped-ESP.png

How to disable SSH weak algorithm supported

We used Nessus to run security scan on the PA-5220 we are trying out and it came back with the following medium vulnerability:https://www.tenable.com/plugins/nessus/90317The remote SSH server is configured to allow weak encryption algorithms or no algorithm at all.Nessus has detected that the remote SSH server is configured to use the Arcfour st...

cnarvasa by L0 Member
  • 61315 Views
  • 5 replies
  • 0 Likes

Do I need SSL decryption to turned ON for Wildfire deployment ?

Can Wildfire engine detect & identify zero day or known threat if SSL decrption feature is off in Palo Alto firewall ? WildFire can discover zero-day malware in web traffic (HTTP/HTTPS), email protocols (SMTP, IMAP, and POP), and FTP traffic and can quickly generate signatures to identify and protect against future infections from the malwar...

PS007 by L2 Linker
  • 8325 Views
  • 4 replies
  • 0 Likes

HA1 encryption issues?

Hi Random question but has anyone had any issues when enabling HA1 encryption? I performed a BPA yesterday and noticed that we do not have HA1 encryption enabled. I looked into it and seemed like a very simple/quick win to do and after following step 6 from here and commiting the change HA1 goes down.The firewall stays up and operational just th...

CRDF18 by L2 Linker
  • 4356 Views
  • 2 replies
  • 0 Likes

Authentication Profile

SAML with RSA MFA authentication profile is getting synced on the HA active/passive firewall. The issue is that each node needs it's own unique authentication profile. As soon I change it on one node it sync's to the passive node. Is there any way to not have the authentication profile sync?

Shawverr by L3 Networker
  • 3226 Views
  • 2 replies
  • 0 Likes

BUG -106914

BUG -106914.this is mentioned in 8.1.9 PAN OS as addressed issue. Please find the detail:Fixed an issue on a firewall in a high availability (HA) active/passive configuration where HA1 and HA2 links stopped passing packets, which caused a split-brain condition after an automatic configuration sync. I need information if this is related to any p...

arun_sh by L1 Bithead
  • 7573 Views
  • 3 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels