Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Resolved! Palo Alto - Dynamic Updates

Hi !

 

I'm new to the Palo Alto Firewalls. I have query about the content updates for the PA Devices has TP licenses. We are pushing updates through Panorama.

 

Q1: I can install only  one Active AV or threat updates to the firewall . Since this the new

...

gpsriram by L1 Bithead
  • 1804 Views
  • 1 replies
  • 0 Likes

Resolved! Captive Portal and MFA

 

I have configured captive portal with MFA.

Primary auth method is radius and secondary is duo-security.

 

Under network  

 

Global Protect

 

Portal config is done

 

Do I need any config under gateway???????

 

My understanding is that we need  gateway config on

...

MP18 by Cyber Elite
  • 1887 Views
  • 1 replies
  • 0 Likes

Resolved! Purpose of Authen Profile under Global Protect Gateway

 

We have configured MFA using CP and using RSA as Second  authen.

 

Under Network

 

Portal                   Authen--------------Radius

 

Gateway             Authen ----------------Radius

 

Under Device

 

CP  -  Authen ---------RSA

 

Why we need Authen profile u

...

MP18 by Cyber Elite
  • 2125 Views
  • 3 replies
  • 0 Likes

show counter global filter delta yes -----drops

when i run command

 

show counter global filter delta yes

 

i see below counters incrementing  need to understand which are these drops and why PA is dropping these packets?

do they impact the performance of the PA?

 

flow_tcp_non_syn_drop    

 

flow_fpga_egr

...

MP18 by Cyber Elite
  • 4055 Views
  • 2 replies
  • 0 Likes

Resolved! logical int counters - packets dropped

 

 

Logical interface counters read from CPU:
--------------------------------------------------------------------------------
bytes received 21513660
bytes transmitted 2835
packets received 358561
packets transmitted 21
receive errors 0
packets dropped 35853

...

MP18 by Cyber Elite
  • 4049 Views
  • 4 replies
  • 0 Likes

Palo alto HTTPS decryption?

Hi all,

 

I am using PA-850. I configure to decrypt HTTPS, and use AD group policy to install certificates on client, it works well with AD users. but we have other situation that client is not AD users. do we have any ways to redirect client to the UR

...

Chivas by L2 Linker
  • 4449 Views
  • 6 replies
  • 0 Likes

Resolved! Wildcard certificate on PA firewalls

Hi Team,

 

I'm trying to create a CSR in Panorama in order to get a wildcard certificate from our third party CA.

 

In order platforms, I define as common name the format *.mydomain.com but in Palo Alto I'm getting an error: Failed to generate certificat

...

Stickied post for recommended versions?

Just wondering since this is a topic that comes up often and I actually just asked TAC about it myself, should we maybe have a stickied post on here that documents the recommended versions for each software track?  I realize Palo Alto doesn't publish

...

jsalmans by L4 Transporter
  • 2939 Views
  • 3 replies
  • 3 Likes

Resolved! Real time alerts for threats?

Is there such a thing with PAN?  IE if the logs generate a critical alert can is there some logic to fire an email or generate a report with the relevant information? 

drewdown by L4 Transporter
  • 5982 Views
  • 10 replies
  • 0 Likes

App id “Non-syn-tcp”

I see a lot of non- syn-tcp from from few specific zone. I am sure that there is no asymmetric routing. If that has to be the case how to determine exact causing factor.

Thanks

Sanssj by L2 Linker
  • 5218 Views
  • 3 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Labels