General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Publishing website issue.

Hi Experts,I am trying to publish a website, the webserver is behnid my Palo alto, i created NAT rule from public IP to be natted to the internal webserver IP address. What is starnge here is that i am not able to see my traffic when trying to reach the website from external. I was testing from my mobile so i put in Montior traffic tab source is...

PLEASE HELP.. same config but not working! from PA 3050 to PA 3220

Dear experts, I am moving from PA3050 to PA3220. I did export the current configurations from the old PA3050 and imported to the new PA3220, i committed successfully, but when i migrate cables from old device to the new one i get random issue! like some zones are not reachable, like i have ping to internet and telnet and traceroute but i can't b...

Old certificate showing even after new certificate mapped to the ssl profile

Hello, We are using Software Version - 8.0.8, Global Protect Agent - 4.0.4 One user is able to connect the VPN through portal but when accessed the URL from the internet still seeing the old certificate after new certificated mapped. We tried to reinstall the GlobalProtect client by accessing the GlobalProtect portal so the client pulls the late...

Resolved! Recommended PAN-OS version

Hello Please need to know the recommended upgrade PAN-OS version from Paloalto for PA-3020. Appricate your help Thanks

DPWorld by L1 Bithead
  • 7764 Views
  • 2 replies
  • 0 Likes

Preventing Split-Brained Monster, HA Failure Technique Idea?

I am trying to develop a technique to handle HA failure conditions, between two PA units, in an "Active/Passive" configuration. What I want to try is to connect an HA1 link to an intermediate switch. By default, what I notice is that if I take down the link between the primary PA box and the L2 switch, the PA backup unit will then become "Active...

pa-test.png

Global Protect connects even machine certificate not present in store

Has anyone encountered this issue ? https to portal interface IP gives an error "Valid client ceriticate required".GP users are still able to connect to GP VPN even if machine certificate not present in store. I have Global protect Portal configuration > Agent > App > Client Certificate Store Lookup as "Machine".

File Blocking applications

What is the reason that the Applications field within File Blocking Profiles only allow a subset of all applications? For instance, I have a file blocking profile that alerts on several file extensions for webmail applications I've specified, and I'm trying to add meetup-email, startmail, and zimbra, but these are not available. I thought perha...

Resolved! Mitigating CVE-2019-5786

Anyone know which Content Update (released or upcoming) might contain a mitigation for CVE-2019-5786? Description: https://www.helpnetsecurity.com/2019/03/06/chrome-cve-2019-5786/ Cheers

Resolved! Global Protect and no Source User Identified

I have a user with Windows 7 and Global Protect who couldn't get to an internal web site. When I went to look in Monitor/Logs/Traffic I could see that the Source User field was blank and therefore not hitting the anticipated allow policies. He says it's a corporate laptop. Any other common issue that would prevent the domain/user ID from being r...

Resolved! GlobalProtect Multiple Portal Support

I have GlobalProtect 4.1.3-8 and durning the install I added to portails and there is now a portal selection at the bottom but ater make a connection it is always grey and I see no wat to log out of the current connection. This is on a Windows 7 install so I'm guessing it works in Windows 10 or I'm missing a disconect option someplace. ???

Tanquen by L1 Bithead
  • 16950 Views
  • 11 replies
  • 0 Likes

Pushing Local Admin Accounts from Panorama

Hi, Please forgive me if this is a stupid question as I am quite new to Palo Alto firewalls and Panorama. We currently have Panorama running on PanOS 8.1.6 and the same for our firewalls. We are using AD accounts for all our Administrators using radius authentication which works fine but we are discovering things that we cannot do with them and ...

Can't push template stack to PA-220 (getting new errors every time)

Can someone help me configure this firewall from Panorama? I created a template stack and added 2 templates to it. The first template is a global template which has all the standard settings on it (banner, time zone, etc..). The second template above is a site specific template that has zones, interfaces, etc... Everytime I commit & push...

Capture.PNG

Browser for Panorama

Curious which browsers people might be using for Panorama. I find Edge becomes too slow, Chrome I have issues where all of a sudden I can't scroll to the bottom of the rule base especially if you expand the zoom greather than 100%. With Firefox it gets slowed down as some of the scripts run long. I'm running a VM version of Panorama(8.1.5) on ...

gzygadlo by L1 Bithead
  • 3183 Views
  • 1 replies
  • 1 Likes

Application ID accurate on encrypted traffic?

Does the PA do application identification for SSL encrypted traffic without if we aren't doing SSL decryption? For example if a user watches an encrypted youtube video, is the PA able to identify that traffic as youtube, or will it be reported as ssl?

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels