General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PAN DB URL filtering issue.

Dear all, One of my customer PAN DB License expired and we try to block all Youtube videos excluding some the vidoes links in Youtube. My query here is, whether if the device without a valid PAN DB Licence we will be able to acheive the above requirement to be configured. Please let me know if you have any questions. And eagerly waiting for a ...

Resolved! Policy details

Hi , Is there way to pull the details of all policies using same address/address group in Panorama via cli . I can check from gui , but it will need lot of manul work . Example: address group -" Test" is part of policy for 10 firewall managed by Panorama . How i can pull details which are the policy name along with respective device group nam...

deepak12 by L3 Networker
  • 5231 Views
  • 3 replies
  • 0 Likes

Resolved! Office 365 Security Policy Question

In referencing the link below (FAQ - Office 365 Access Control), I'm concerned with a destination in the Security Policy for Office 365. What is everyone else doing for destination? The list of IP addresses for Office 365 Business products is long and ever changing or can a URL Category be used in the Security Policy using the published FQDNs in...

Resolved! API-Call for QOS results in 'interface has unexpected text'

Hi, when I try to use an api call to query the qos statistics of an interface i get this errormessage: <response status="error" code="17"><msg><line><![CDATA[ show -> qos -> interface has unexpected text. ]]></line><line><![CDATA[ show -> qos -> interface is invalid ]]></line></msg&g...

ABux by L1 Bithead
  • 7650 Views
  • 4 replies
  • 0 Likes

Vulnerability in PA?

Hi, We just received info about this vulneraability:https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.mdSo we would like to know if PA appliances are impacted? Thanks

BigPalo by L4 Transporter
  • 11127 Views
  • 16 replies
  • 0 Likes

Resolved! Changing IP Addresses

Throwing this out here to see if I maybe creating any issues. I have a machine that is setup in my firewall with an address object. Let's say it's its Machine1 and it's IP is 10.0.0.50. This machine will be decommissioned soon and I have setup another machine that will replace it. Let's say it's Object name is Machine2 and it's address is 10...

Resolved! Skype for business screen sharing and file sending - incomplete

Hi We are getting reports of our Skype for business screen sharing or file sending isnt working today. We have had all the rules setup for a long while with no reported issues but today its not working. When i check the firewall logs for a particular user nothing is being blocked. What i can see that when he tries to share his screen according t...

CRDF18 by L2 Linker
  • 11974 Views
  • 3 replies
  • 0 Likes

Panorama Local Log Collector.

Hey, I have a HA pair of firewalls in SiteA and a HA pair of firewalls in SiteB. SiteA and SiteB seperated by a 1Gb WAN. I have Panorama deployed in HA, one VM in SiteA and one VM in SiteB. I want the firewall in SiteA to send logs "only" to the Panorama VM in SiteA, similarly I want the firewall in SiteB to send logs "only" to the Panorama VM i...

sip invite method request flood attempt

I have recently been dealing with sip invite method request flood attempt show up not only in my threatsm but also making it impossible to make calls external or external to internal calls because its trying to call a number every 4 seconds and taking all my SIP connections available. Besides blocking it on the firewall and having the ISP deadro...

jdprovine by L4 Transporter
  • 21298 Views
  • 5 replies
  • 0 Likes

Resolved! Virtual Wires and Tag allowed

Hi All , Is there any specific reason why we can't have same VLAN tag defined on the parent virtual wire interface and the subinterface ? Thanks ..

deepak12 by L3 Networker
  • 3845 Views
  • 2 replies
  • 0 Likes

Allow outbound web traffic by exception by session while utilizing authentication

Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however this appears to allow all outbound web traffic on the client, whereas I'm looking for it to continue...

Kerberos SSO PAN-OS 7.0.1

Hello,at the moment I'm trying to set up a SSO Auth with the Admin Web Interface (and Captive Portal). I set it up like the documentation of PAN-OS 7.0 told me. I tried different Crypto types but all with the same error.1. Log in to the KDC and open a command prompt.2. Enter the following command, where <principal_name>,<password>, a...

Change password for TACACS user

Hi all, Is it possible to allow Firewall administrators (authenticated via TACACS+ running on Cisco ACS) to change their expired TACACS passwords when they're logging in to Web UI of the Firewall ? Cheers, Marek

Globalprotect portal not found

Hello,I'm having some issues connecting with globalprotect with one laptop.The 4.1.10 version was installed . Tried with 4.1.12 and 5.0.2, same issue.I can connect via the browser without issues. install and uninstall a few times with no luck...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels