General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Why is "set address BLAH tag BLAH not working?!

admin@PA-5250-LOANER# show address TULLYset address TULLY ip-netmask 192.168.15.245set address TULLY tag Safenet_Listener_Service[edit]admin@PA-5250-LOANER# set address POPLICOLA tag Portal_ServicesServer error : tag 'Portal_Services' is not a valid reference[edit]admin@PA-5250-LOANER# Is there a syntax issue here that I am not seeing?

Resolved! UDP 443 becoming more prevelant

Today I have discovered that the latest Facebook App for Apple IOS is using udp/443 for communication. This behavior seems similar to the Google Quic protocol. I also caught a glimpse of an article referencing the move to a http2/api WWW. If this is going to be the direction the industry goes, does anyone know how long it takes Palo Alto to sign...

Syslog Fields Mismatch the documentation PanOSV9.0

I have syslogs coming to my SIEM from the device with PanOS V9.0. The number of fields i am receiving and the number of fields specified in the documentation doesnot match.For example, in TRAFFIC logs, 1,2019/05/09 15:09:20,xxxxxxxxxxxx,TRAFFIC,end,2304,2019/05/09 15:09:20,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,xx.xx.xx.xx,Allow all,,,ocsp,vsys1,In...

gnikesh by L1 Bithead
  • 3593 Views
  • 2 replies
  • 0 Likes

Resolved! VPN Site a Site Palo Alto Pas de traffic retour

Bonjourj'ai monté un tunnel vpn entre un PA-850 et un PA-220. La gateway IKE et le tunnel sont au vert.Je n'obtiens aucuns trafic en reception dans le tunnel sur le site A. Le site B quant a lui recoit mes requetes et y repond, mais comme je n'ai pas de reception je n'obtiens pas la reponse.Du coup je me suis dis il y a une policy qui bloque ou...

Resolved! setting security rules for vpn access for certain users?

i created a remote vpn and a vpn zone for local users , i created a security rule from vpn zone into inside but the problem is when i try to set certain access for different users , when i type the user name it doesnt auto complete it or list other local users in the security rule? shouldnt it list all the local users created to choose from them...

chuckles by L2 Linker
  • 2984 Views
  • 1 replies
  • 0 Likes

Resolved! By using LAN unable to connect VPN

Hi Experts, I have installed Global Protect VPN client. When I'm trying to connect VPN it is throwing an error "Server Certificate is invalid".When I connect mobile internet or internet dongle to my machine I can connect VPN. But when I connect through LAN it is giving the error. Can anyone please help me to overcome this issue? Thanks in advanc...

Prasuna by L1 Bithead
  • 4372 Views
  • 4 replies
  • 0 Likes

How to get IP public of GitHub

Hi All I am considering to use Minemeld in company with Palo Alto Firewall. I tested it and I saw it support to get IP of AWS, Google Cloud, Azure but I didn't see GitHub. So how I can create custome Miner to collect IP public of GitHub. Please help me to resolve it. Thanks, Giang Le

Resolved! Page not loading properly

Hello, We have a simple rule placed at the top allowing users to connect to Netflix. However, the page is not loading properly. No SSL Decryption in place. How to fix the issue?

Screenshot.png

Unauthorized Access

Hi All, we had an unauthorised access to our firewall, after the access all the logs in the firewall have been deleted and configurations have been changed and committed. we need to which credential are used to login the firewall. Now we found the ip address as well as what changes are they made. there is any other chance for restoring the del...

Admin Roles - Read Only

I am trying to create a admin role on the PA device and select things in the webUI to be read only. When I check these items I get enable and disable options but not the read only option icon option? Is there something I am missing here?

Resolved! Unable to access PA via Web GUI-0 ERROR: websrvr: Exited 4 times, waiting 360 seconds to retry

Unable to access PA via Webgui System log shows 2019-05-19 22:43:35.301 -0600 INFO: l3svc: exited, Core: False, Exit code: 12019-05-19 22:43:35.570 -0600 ERROR: l3svc: Exited 4 times, waiting 330 seconds to retry2019-05-19 22:43:35.787 -0600 INFO: websrvr: exited, Core: False, Exit code: 12019-05-19 22:43:36.060 -0600 ERROR: websrvr: Exited 4 ti...

MP18 by Cyber Elite
  • 10289 Views
  • 4 replies
  • 0 Likes

Resolved! Getting this from Vendor device eventid eq ike-recv-p1-delete

After Phase 1 success as Responder in PA I am getting below event id ( description contains 'IKE protocol notification message received: INITIAL-CONTACT (24578).' ) and ( eventid eq ipsec-key-expire ) eventid eq ike-recv-p1-deletedescription contains 'IKE protocol phase-1 SA delete message received from peer. cookie:5b34d3ab8d000c44:6d1b2079...

MP18 by Cyber Elite
  • 11058 Views
  • 7 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels