Panorama logging quotas
Does anyone know if you can configure logging quotas per device group(s) or firewall(s) My panorama is running 9.02 in legacy mode.
Does anyone know if you can configure logging quotas per device group(s) or firewall(s) My panorama is running 9.02 in legacy mode.
Source user column is empty under the monitor tab - traffic logs. We have checked all the settings from our end and couldn't see anything wrong with that.It was working before, no changes been made. Noticed it stopped working recently.No proxy server in use.Traffic is not NAT'ed before it traverses the firewall.Do we need to restart any process?
Can you please help me with understanding the new PanOS9 URL multi-category feature? Now URL can have up to 4 categories. If the four categories have different actions, I assume that the firewall will take the most restrictive one, however I could not find any reference in the admin documentation explain this. Is this correct and can you share d...
Hello,I have the following question is it possible to assign multiple authentication profiles to globalprotect. I wan't to accomplishg the following: Users of LDAP GROUP X.: Use LDAP authentication only.Users of LDAP GROUP Y: User RADIUS auth with MFA capabilities. Is this possible an how can i accomplish this? If somebody could point me int...
Hello, We have a vlan.101 interface with profile permiting ping (ping service selected) enabled on it.However, hosts on this vlan.101 cannot seem to ping this interface. Arp entries of some of the hosts are seen. Appreciate all help.Thank you.
I want to only use the url portion of this feed ignoring the protocol portion http:// https://ransomwaretracker.abuse.ch/downloads/LY_DS_URLBL.txt My regex is below: regex: ^(http:\/\/)(.*)transform: \2 This works fine outside Minemeld as python regex. However, Minemeld uses the full match which includes the protocol portion not just group 2 of ...
I notice that if a connection comes in and does not hit any policy correctly I do not see the deny in the logs. I think this is because the default behavior of the intrazone-default rule is not to log anything. Is there a down side to setting this to log events so that we can see when a connection fails? Sometimes from a troubleshooting perspec...
Hi,I have Skype for Business Edge server, it has DMZ private IP and translated to Public NAT IP. This IP should open TCP-5061 Port to Internet and we opened. It seems traffic is passing correctly. But in real, when i do telnet test, it's fail.It's not about destination side. At destination side, TCP-5061 is open and accessible.People say; So in ...
previous firewall is dead and we have a .config file , please let us know how can we convert it to XML so we can import it to firewall
Hello community When I have to update my panorama to a new version I go to the software tab and I press the button. Check now they do not show me the new versions I only see the version that is installed in the panorama. Is there any solution to show the new versions? greetings to all
Hi, I would like to know if PAs support 802.1ad (QinQ? any info about this?
Hi all, We are going to buy a Dell R630 for running Palo Alto VM100. As this box has only a few standard broadcom interfaces on board, which NIC card would you recommend to more network ports.4 Gigabit ethernet ports is sufficient in our case. Some people claim that intel based NICs are not recommended? Any advice is appreciated. Kind RegardsCobalt
INFO:-Palo 3320 PanOS 8 GOALS:I have list of users and groups in local palo databaseI want to block SALES group to access porn sites but allow DIRECTOR group QUESTIONS:1. should I use subinterface2. since director mac address can't be seen if using L3 switch then should Ia. use dynamic vlan mean wherever director go, he must authenticate and get...
Hi All, How to integrate the Everest application in Palo Alto firewall. RegardsKarthikeyan Balamurugan
I installed Minemeld on a fresh Ubuntu 16.04.6 LTS with the instructions "Manually Install MineMeld On Ubuntu Server 16.04" but the minemeld-engine is hanging in STARTING state. minemeld-engine.log shows a couple of directory not found messages for CheckPoints. Any idea how to fix this? lab-user@minemeld:~$ sudo -u minemeld /opt/minemeld/engin...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

