Resolved! Security Policy for OpenVpn
which application should i allowed for OpenVpn??
which application should i allowed for OpenVpn??
Currently we have 2 M500 running in log collector mode. All the Firewalls are sending logs to M500 on its Management interface .Panorama M100 also talk to M500 via its Management interface. Currenly seems our traffic has increased and we are send lot of logs to M500 on its Management Interface. So I need to use Eth1 and Eth2 on each M500 for lo...
Tonight we got email alerts that our firewalls are disonncted from the log collecors-M500 Below is ms log from the PA 2019-04-05 01:38:55.024 -0600 MS: disconnected from log-collector. waitcount=12019-04-05 01:38:55.024 -0600 lcs agent: channel teardown (to 10.7.1.139) complete.2019-04-05 01:38:55.035 -0600 Error: pan_conn_ext_send_base(cs_conn....
We have PA 3020 in Active PAssive mode.We have link monitoring enabled on both PA for uplink and downlink. For some reason I need to change the uplink connection from passive PA to the uplink switch. Need to know if we unplug the fiber connection from PAssive PA and replace it with new fiber connection before doing this 1>Should I suspend th...
Hi, Is there a dynamics page that has all the past tips and tricks post ? The search function just does not work for me.. Thanks, E
I need to create a VPN tunnel between my PA firewall with a regular external IP address and a remote non-PA peer that is behind some equipment (no details) and only has a local 172.17.x.x address. Is this possible? If it is possible, do I use the external IP of the remote site even though the VPN connection will not be with that IP address? I'm ...
Hello!I have a question regarding the show interface command.When you enter for example "show interface ethernet1/3" to see the information of that interface, you can eventually see counters for receive errors or drops. Are these errors counted from the last time data plane was restarted?And is there an option similar to "filter delta yes" for p...
Hi Everyone,Is anyone aware of any plans by Palo to introduce a Cloud based version of Panorama?Devices could be licensed in a similar way to the update subscriptions annually? Ideally if this were integrated into the Customer Portal management of Assets/Licenses/Panorama etc could all be done in one place? What would be the "Pro's/Cons"? Welcom...
Is it possible to create an object in panorama that can be reused in multiple templates that is literally just tied to the ip of an interface on that device? For example, eth1/1 has address 1.1.1.1Object should just reference eth1/1Object can be used in template that can be reused for multiple devices.
Hi, We facing an strange issue regarding filtering to some destinations. We have a rule with 2 kinds of destination address:1. Static Group Address defined in Palo Alto2. External dynamic list (2 of them)Those address are attached to a deny rule because are malicious url. When take a look to the traffic log, we see that traffic hits the rule but...
Anyone using a 3rd party app to generate user activity reports from Palo logs? The report I get from Palo is not that interactive and informative.
Hi Experts , We have existing rule for "Syslog" application ,our current security polcy with App-id and services configured as below , Application - "Syslog" ( default application which allows TCP 1468, TCP 1514, TCP 6514, UDP 514 and UDP 1514 ) Service - "application-default" Now we have a requirement to additionally add TCP-514 and U...
Hi, I am some what confused and reaching out for a little help. We have a pair of 3020s in Active/Passive mode with two interfaces, DMZ (Ethernet1/1) & Public (Ethernet1/3). HA is configured to use dedicated HA Ports and all indicators on the dashboard are Matched and UP. When I manually suspend the Active device, the Passive device becomes ...
Hello,We are going to migrate from Traps ESM to Traps Management Service.After this, we want our helpdesk to administrate Traps, but we do not want to create a palo alto account for every user. Now I found some information about the Palo Alto Directory Sync Service, but unfortunately a login to TMS is not mentioned in the documentation.Is this n...
According to Documentation, https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/traffic-log-fields.html The field Flags is a 32-bit field that provides details on session; this field can be decoded by AND-ing the values with the logged value. In my Traffic Log: <14>Apr 3 ...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

