General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 88 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3331 Views
  • 2 replies
  • 14 Likes

App id “Non-syn-tcp”

I see a lot of non- syn-tcp from from few specific zone. I am sure that there is no asymmetric routing. If that has to be the case how to determine exact causing factor.

Thanks

Sanssj by L2 Linker
  • 4447 Views
  • 3 replies
  • 0 Likes

Resolved! OSPF Inbound Route Filter

Hi,

I see in the admin guide that it is possible to filter the default route so that it is not learnt by the OSPF process.

Is there any way of applying a more granular filter so that I can restrict the Palo Alto OSPF process to only learn 10.0.0.0/8 ro

...

adevine by L1 Bithead
  • 8144 Views
  • 7 replies
  • 0 Likes

Resolved! Qos on application and class 1 and 4

I have created qos policy for application http-video and is defined in class 1

 

However when i run below commands

show session all filter application http-video qos-class 1

 

show session all filter application http-video qos-classs 4

 

I see the applicati

...

MP18 by Cyber Elite
  • 2162 Views
  • 3 replies
  • 0 Likes

leaf and spine and security

Hi,

In a spine and leaf ( vpc ) ,where we should place the firewall  to protect the data center ? 

If  we use layer 3 firewall  all routing  process will be shifted to the fw, spending huge amount on spine won't be beneficial ? 

Layer 3 or layer 2  reco

...

sib2017 by L4 Transporter
  • 3387 Views
  • 1 replies
  • 1 Likes

CIDRs/IP-Ranges removed from STIX/TAXII output node

Is there a way to force the STIX/TAXII output node to list CIDR/IP ranges as single IP addresses? Qradar is unable to utilize these inputs and is causing errors upon ingestion. 

 

I've read comments that suggest removing miners that contain these typ

...

Route & Path Selection

I have a Cisco backround & I am currently studying Virtual Routers & Static Routes in the PA 8.0 admin guide.  I am trying to understand how Metrics are used in the firewall because it sounds like Administrative Distance does the same thing.  Can som

...

Resolved! Global Protect - Linux Fedora , CA trusted cert error

Hi There,

I'm having the same issue but not on self signed certificate and on linux ( Fedora 29) 

Global Protect is configured with the certificate signed by the Authorized CA.

The Chain is:

DigiCert Global Root CA
DigiCert SHA2 Secure Server CA

Server cer

...

Resolved! qos traffic stats - regular traffic and default group

created qos for application and apply it to class 1

 

it is applied to the interface with 10Gig lan connection.

 

traffic stats shows default group====regular traffic==40 --- assume 

 

does it mean that total traffic going via interface is  40?

 

also defaul

...

Capture1.PNG
MP18 by Cyber Elite
  • 4248 Views
  • 5 replies
  • 0 Likes

Auto Focus Question - File Hashing

I need to know if AutoFocus can give a file hash field in the log event entery when it sees a file come through.

 

This file hash will allow us to answer two use cases that we are currently working on, if the file hash is displayed in Splunk, when the

...

Global Protect Certificate

Hi

 

I configured global protect, but when clients try to connect through the agent, they got "Gateway "name":The server certificate is invalid, please contact your IT administrator".

 

For the configured certificates, I configured self-signed certificat

...

myasin by L2 Linker
  • 4169 Views
  • 3 replies
  • 0 Likes

Change Management IPs

Hi

 

We have Panorama managing 6 PA FWs (3 HA Clusters). We want to change the management net of Panorama and Firewalls.

Now logically we will change management IP of Panorama first. Then the Firewalls will lose connectivity and probably logs will be lo

...

PA-200 HA Sync

Hi,

I have a message when I attempt to run a commit:

 

"The running configuration is not currently synchronized to the HA peer, and therefore, this commit will only be applied to the local device.

Please synchronize the peers by going to the dashboard an

...

sync.jpg
s_quasar by L3 Networker
  • 4266 Views
  • 15 replies
  • 0 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels