General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

IPTV Multicast stream setup problem

My internet provider also sends the tv signal using multicast. If i set it up according to the guide which is congruently with other sources and the way this should be properly set up: internal interface IGMP, external PIM enabled I receive the follo

...

pan219 by L2 Linker
  • 1929 Views
  • 0 replies
  • 0 Likes

IP to User mapping Format

Hi !

 

We configured Windows  User Agent for the IP-to-User Mapping to apply the  AD group based policy. User Agent is fine and IP-to-User lookup forwadred to firewall .

 

But the problem in the user format. Some  user's mapped in the format of netbios\u

...

gpsriram by L1 Bithead
  • 2353 Views
  • 1 replies
  • 0 Likes

PAN-88671

Hello,

 

In PANOS 8.0.8 release,  now can disable or enable the L4 checksum checking.

 

How do I check if my 5200 firewall L4 checksum is enabled or disabled?

 

How do I check if traffic is dropped due the L4 checksum?

 

Thanks,

 

E

Resolved! User Activity Report

Hello,

 

I have generated the User Activity report, just wondering whats the count column in the report?

 

Is that the number of time the user has visited the site?

 

Also some category has 2 counts and browser time 0:00:00 what does that mean?

 

Total time

...

Sample.png

MISP -> Minemeld -> QRadar

Good morning,

 

I can find almost this integration, however taxii server for QRadar mybe isn't the best approach.

 

I would like to develop a connector to QRadar API, because taxii isn't so smooth dealing with data from MISP.

 

Anyone can help?

 

Thank you,

B

...

Global Protect Client Certificate Issue

Hi team

How can I implement in the Global Protect confuguration the use of client certificate and LDAP authentication as two factor authentication only for some user (or a user group) ? We had only rolled out private certificates from our PKI for some

...

mtsadmin by L1 Bithead
  • 3008 Views
  • 8 replies
  • 0 Likes

Resolved! How to list all configured values for a template?

Is there a way to list all configured values for a given template? I have searched the tech docs and Community but can't find a good answer for this.

 

Background: I inherited a Template Stack in Panorama, and one of the templates has an oddball naming

...

Cisco router to PA 220

I am working on a migration/upgrade project to take a Cisco 2901 router and repalce with a PA-220. I'm not sure how to configure some items. Here are some of the existing Cisco router config that I need help with on how to replicate in the 220:

 

ip na

...

GIT_Sean by L1 Bithead
  • 1792 Views
  • 0 replies
  • 1 Likes

Resolved! Dual Firewall pair-True DMZ design

Hello All,

 

I am looking for any helpful suggestions,recommendations,critics etc for my new firewall design implementation project.

currently, we have a pair of 5020s facing the internet and having DMZs,Internet and Internal networks on them. My manage

...

Resolved! Two question HA

Good Morning

 

I have two questions regarding the HA Fault conditions

When I configure Link Monitoring and Path Monitoring in the Active Firewall Should I also configure these conditions in the same way in the passive Firewall?

 

The "Heartbeats Backup

...

Resolved! O365 URL rewrite

I'm using minemeld to pull the O365 urls into my PAN. I get a list that has entries like
*.domain.com
sub.domain1.com

 

I need to import those entries and rewrite them so they look like
*.domain.com/
domain.com/
*.sub.domain1.com/
sub.domain1.com/

 

Any po

...

ckemp by L2 Linker
  • 12275 Views
  • 25 replies
  • 0 Likes

Resolved! Dropbox Client not working

I have a policy rule to allow dropbox.  I am performing SSL Decryption.  The users are using the dropbox client (not web). I came across this article that mentions this will not work when decrpytion is on

 

https://knowledgebase.paloaltonetworks.com/KC

...

MikeC by L3 Networker
  • 2976 Views
  • 1 replies
  • 0 Likes

Strange behaviour web-server through PA

Hi,

 

We are having strange behaviour going to a web server behind PA. Several clients report that they can not access to this web server. In the pcap we can see that the tcp-rst is sent from client. We suspect that the issue could be in PA or any ISP

...

Router.JPG
PaloAlto.JPG
BigPalo by L4 Transporter
  • 1253 Views
  • 0 replies
  • 0 Likes
  • 24193 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels