General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Out of disk space

Hoping someone can help me. I have a PA-200 which has run out space in the root filesystem. admin@f-lonftz-pawireless2> show system disk-space Filesystem Size Used Avail Use% Mounted on/dev/sda2 1.9G 1.8G 0 100% //dev/sda5 6.6G 3.9G 2.4G 63% /opt/pancfg/dev/sda6 1.9G 1.1G 778M 58% /...

Panorama and active/active configurations

Hi, Recently, we added more PA devices to our infrastructure and we decided to start using Panorma to manage all these devices.So far, we haven't experienced an improvement in efficiency or user/admin friendliness. Let me (try to) explain:We have two firewalls who are configured as an active/active setup. (No panorma yet).These firewalls had to ...

mvdven by L1 Bithead
  • 2735 Views
  • 1 replies
  • 0 Likes

Certificate attached to non existant security profile

Hello, I've encoutered a problem regarding the deletion of a Certificate. When i try to delete it i get the following error message:1- Failed to delete certificate - xyz xyz cannot be deleted because of references from: ssl-tls-service-profile -> xyz-ssl-tls-service-profile -> certificateWhen i travel to the SSL/TLS Service Profile...

steven.m by L0 Member
  • 3438 Views
  • 1 replies
  • 0 Likes

Custom extensions for file blocking

I've got our PA setup to block file types that are risky. But, I've found a problem with Symantec LiveUpdate pulling down the update files it needs. It uses a couple odd file types that aren't in the list as types that I can allow for a profile. Is there a way to add custom file extensions that I can use to match against, or is there another ...

Problem with GlobalProtect password.

Hello all!If we put a sterling pound (£) symbol in a user password, the authentication fails. We are using GlobalProtect 4.1.8 and use a RADIUS server running Microsoft Azure MFA server on the authentication profile of the GP gateway, with just an LDAP profile on the portal. Is this related to a GlobalProtect bug?Thanks in advance!

Global Protect Client 5.0 for Windows and Mac

I'm looking at the release notes for the Global Protect client for Windows and Macs, now at 5.0.1 Am I missing something ?What is the reason for the 5.0 client?I don't see that there are any new features, or changes in behavior. Or is it simply that 4.1 is at the end of maint ? Greg

gefuchs by L1 Bithead
  • 2281 Views
  • 1 replies
  • 0 Likes

Limit download file size with specific response message

Hello Guys, I succeed limit the download file size with the following KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhHCAS However currently the user is alerted with the antvirus response page. Is there a way to provide him a specific response message and not apply the antivirus one? Thanks. Best regards

kasito by L1 Bithead
  • 5022 Views
  • 2 replies
  • 0 Likes

Resolved! Receive ping count 0

I've allowed ping traffic from an external source to the outside interface IP.When they try to ping the firewall, I see allow traffic on the correct rule, but it only shows a send count >0 and the receive count remains 0. Also they report they do not receive the responses.How is this explained?I would expect to see a receive count to be at le...

CHKlomp by L2 Linker
  • 5788 Views
  • 5 replies
  • 0 Likes

IKEv2 Mobility and Multi-homing Protocol (RFC4555) Support

Did a quick search on this but couldn't find anything on this topic. Do any of the PAN firewalls support IKEv2 Mobility and Multi-homing Protocol (MOBIKE), specifcally RFC4555? I noticed that Cisco ASR5500 platform has support for this, so I'm curious if the PANs support this RFC. If not, are there any plans to do so?

Resolved! Global Protect Gateway communication

Does anyone have insights into how often the client will talk to the gateway if used only for user-id and not utilizing a tunnel? I know you can set the portal refresh time, but how often does the client actually talk to the gateway after grabbing credentials of the current user when logged in? I ask, because we are testing some 3rd party VPN ...

Sec101 by L4 Transporter
  • 3379 Views
  • 1 replies
  • 0 Likes

Redistribution Profiles - Source Types

Hi. I need to redistrubute some routes (loopbacks, and statics) into BGP. Are their any advantages to having the source type as static vs connected under Virtual Router - Redistrubtion Profile - then go into Redistrubution Profile - Source Type. Thanks.

  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels