General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Custom URL Filter - Site Definition Format

We started using Custom URL Categories, and it seems when we define a site, we have to add both a wild card to cover any subdomain, and a / to cover all URI/URL of the domain, IE:*.acme.corp (To cover subdomains)acme.corp/ (To cover all URLs/URIs to the domain) My question is (I'm getting into this deployed late) is that my predecesso...

Resolved! GUI does not show system logs

On GUI i see traffic logs but no system logs.LAst system logs are from yesterday. Ran the below command show log system direction> equal equaladmin@EOCDC-G3-NGFW-2(active)> show log system direction equal backwardTime Severity Subtype Object EventID ID Description=============================================================================...

MP18 by Cyber Elite
  • 5732 Views
  • 4 replies
  • 0 Likes

How do I see what the value of variables on remote firewall from the command line?

I've had a problem when I change the value of a variable for a firewall in Panorama, for some reason it doesn't get pushed to the remote firewall. I can log in to the GUI of the remote firewall to see the variable value where it's applied in the config. But, that takes a lot longer than if I could see it in the CLI. For example, I have a ser...

vickif by L1 Bithead
  • 3874 Views
  • 1 replies
  • 0 Likes

UserID

Hello Is Userd Identification feature works only whith Active Directory users account or also with Computers accounts ? I would like to create a security rule who allow access on our internal ressources only for computer with an active computer account in our AD and for computer without an valid computer account or disable account, the traffic m...

Knowledge Base Single Sign-On Error

Hello! Every few days I get this error and can't access knowledge base. It is VERY FRUSTATING!!!! Error started to appear after last tool upgrade. Does PAN have mailing list for resolving partner access issues? Regards,Maja

Capture.JPG
mkopcic by L2 Linker
  • 3391 Views
  • 1 replies
  • 2 Likes

Resolved! Open port

I need to create security rule and/or not to allow port 6965 to a device. Do I need both a NAT and security rule? Need to find out from vendor if port is TCP, UDP or both. I have PA-3020 running PAN-OS 8.0.13.

Asymmetric traffic and URL log retention

shown below is my log storage quota settings. My traffic logs can show past 16 days data but URL filtering logs has only past 8 days data. how can I ensure I store same log retention period for traffic and URL filtering?

log db.PNG

Resolved! Minemeld with AWS Guard Duty Integration

Hi, I just went through the python extension install successfully of the Guard Duty miner for Minemeld. It looks like it installed successfully, but after I restarted Minemeld I can't see anything. I create a role for my Minemeld instance to have access to Guard Duty. Is there something I am missing in this install that would get this in...

Artman by L1 Bithead
  • 4333 Views
  • 2 replies
  • 0 Likes

Resolved! Active/Active Firewalls and Panorama Templates

So I'm trying to keep firewall configuration as much in Panorama as possible. With Active/Passive I can accomplish this with one template per firewall pair. With an active/active firewall pair will I need a template stack to do this? One template per firewall, then a template to cover both, in a template stack? Is there an easier way to do this,...

tcasw86 by L3 Networker
  • 4659 Views
  • 1 replies
  • 0 Likes

Feed with mixed IP \ domains

I have an IoC that is a mixture of IP addresses and hostname\domains; what is the best way of handling this? The processed output will be a mixture of PA firewalls and other non-PA systems so, to be absolutely sure I'd like to split them out. The best way I can think of is to create 2 miners and use regex filters to access the same feed twic...

apackard by L4 Transporter
  • 3126 Views
  • 1 replies
  • 0 Likes

Resolved! Email alert for Logs not generated in GUI

Currenlty we do not get email alert notification for logs being not generated on the PA.We have configured email alert for system. Is it possible to get the email alerts when PA stops generatingt the logs like traffic or system in gui?

MP18 by Cyber Elite
  • 3771 Views
  • 3 replies
  • 0 Likes

Import XML FW config from desktop to Panorama?

Scenario: I have a new firewall out in the field, I'd like to put a basic configuration on the FW in the field including the Panorama server IP. I'd then like to log into Panorama and import the config from my desktop and then push the full config to the FW in the field. I have searched and do not see anything of this nature. Seems like a pretty...

Panorama and firewall configuration synchronization

Hi! Does anybody know, if Network or Device configuration is changed localy on the firewall, will that change will be seen in Panorama automatically? Will firewall synchronize localy config changes with Panorama?For example. If I add new static route on the firewall (firewall is managed with Panorama), will that route will be synchronized with P...

mkopcic by L2 Linker
  • 12091 Views
  • 4 replies
  • 0 Likes

Resolved! email attachment

Hi community, can anyone clear my following doubts.I have a mail server behind my PA, i am not doing ssl for mailserver communications.i have antivirus & wildfire profiles applied for inbound and outbound connections to this mail server.what if i get a mail to my server having malicious url inside mail( PA allready knows it as malicious, hop...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels