General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Avoid Attack from outise in PA

HI, We are having attacks from outside to DMZ. Many diffrents ips are attacking our public range. These attacks are causing packet buffer 100% and CPU 100%, doing an outage in our network. So in traffic logs we can see all sesiones being denied for policy deny. Is there any way to avoid that FW proccess these sessions and not increasing CPU?? w...

BigPalo by L4 Transporter
  • 7752 Views
  • 8 replies
  • 0 Likes

Global Protect with Azure MFA issues

PA3020 PANOS-8.1.7 GP-4.0.7Using Radius server for auth.Radius talks to Azure MFA for 2 factor auth.Having timeout issues.Sometimes user not getting MFA prompt on the phone.If the get MFA prompt they will get auth errors.

Panorama help : How to reset rules hit count

Hello everybody, I have to reset three policies usage in Panorama 8.1 firewall but in this version is not available this option in the GUI. I guess I can do it from the CLI. Can anyboy help me?. Thanks in advance.

carlostg by L1 Bithead
  • 8238 Views
  • 1 replies
  • 0 Likes

Restart is disabled because no ike sa was established

We have IPSEC tunnel to vendor.Tunnel is up Gui shows Phase 1 is red.I can ping the IP on the tunnel on vendor side which is Gateway for Vendor LAN.Unable to ping the LAN IP on vendor side. PA shows traffic is passing but nothing coming back from vendor LAN?

MP18 by Cyber Elite
  • 5901 Views
  • 2 replies
  • 0 Likes

Firewall rules suggestion

Hello I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites. I must create a rule to allow small sites and users & servers zone configured on my main site (site A) to re...

Resolved! PAN Next Generation Firewall 3020 can't Forward Logs Properly to External Syslog Server

Hi, I'm trying to forward all logs from PAN Firewall 3020 to an external Syslog server. I have followed the guide here and have tried to debug the problem by accessing the firewall through CLI but to no avail. However, I think I might have noticed an error from debugging. By running this line of code, I get the following results:debug log-receiv...

Resolved! File Blocking rule logic

The following KB article states that the File Blocking rulebase is not top-down but based on action precedence. The article fails to mention anything on the function of the application column with regard to processing logic:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGeCAK If for instance, I have a security rule t...

Resolved! Allow traffic after "decrypt-error"?

Is there any way to allow traffic after "decrypt-error"? I get a lot of decrypt-errors showing up in the logs when SSL decryption is enabled. Most of it is from amazonaws.com (even though I excluded it from decryption). I would rather just allow the traffic to pass, but instead it's getting denied by default, and I can't find any way to allow it...

Maxstr by L3 Networker
  • 24173 Views
  • 2 replies
  • 1 Likes

The command "Show systems statistics session" in a daily report?

I would like the information displayed in the "Show systems statistics session" CLI command to be packaged into a daily report so that I could see the previous day's throughput, packet rate, TCP sessions, etc and displayed in nice line graphs. Is there such a report? Thanks! UpdateI solved this by using the XML API and a Powershell script (belo...

Can rapid fire spam phone calls be blocked by the PA

Can rapid fire spam phone calls be blocked by the PA, they seem to be similar to a dial of service and they are making it possible for us to make outgoing calls or recieve incoming calls by using all our phone sessions? Is there a way to block them using the PA?

jdprovine by L4 Transporter
  • 11038 Views
  • 10 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels