General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 421 Views
  • 0 replies
  • 2 Likes

Resolved! GlobalProtect - To which ethernet interface? WAN Facing?

Greetings,

I am setting up GP on a small home office PA220 .  I have a single E 1/1 Untrusted L3 interface that is internet facing.

My logic tells me this interface should have the GP configured on it.  However, the documentation and video turtorials d

...

catrock by L2 Linker
  • 5156 Views
  • 6 replies
  • 0 Likes

Almost all traffic identified as unknown-tcp?

We are seeing some of our Palo's periodically logging (almost) all traffic as unknown-tcp.

 

As the traffic is being allowed through (and logged against) rules that do not allow it we assume this is a problem with the logs, rather than traffic being mi

...

apackard by L4 Transporter
  • 4213 Views
  • 4 replies
  • 1 Likes

Resolved! Flags field in csv file

i have a question about flags in csv log.

 

 

 

do you know what does mean Flags 0x19?

in NTP OR DNS logs, flag is 0x19.

Thanks.

20180802_154251.png
hbshin by L2 Linker
  • 9518 Views
  • 8 replies
  • 0 Likes

Application dependency behavior

Rule 1 blocks apps A & B

Rule 2 allows the same apps as they are included in an application filter, along with otyher apps.

 

Why do i see app dependency warning for the apps that are blocked by rule 1, & how can i resolve this.

 

Rule 1 allows apps A & B

...

raji_toor by L4 Transporter
  • 2269 Views
  • 1 replies
  • 0 Likes

OSPF Issue in 8.1.1

Hello,

 

I am facing a flapping issue in OSPF, where the neighbor keeps going up and down, I tried adding a static route but the connectivity still drops packets between two devices behind the firewall on one side and behind the other mpls router on th

...

u-turn - why?

Hello,

i'm moving complex configuration from Juniper's ISG2000 (ScreenOS) to PA-5220 and i faced a problem with internal servers (in DMZ zone) which should be available for everyone (including our own employees) on public IP addresses.

 

On ScreenOS it

...

MarcinR by L1 Bithead
  • 7270 Views
  • 9 replies
  • 1 Likes

Decryption and Firefox

Greetings

 

From my research into useing decryptiona nd the SSl certificate.

I believe I need to manually install the certificate for each user?

 

Is there not a better way?

 

As a School that equals 100 users and about 300 PC's.

 

If there is not a better wa

...

Wykeham by L1 Bithead
  • 4032 Views
  • 4 replies
  • 0 Likes

TLS 1.3 support

 

When can we expect PANOS to support TLS 1.3 for SSL Decryption and WebUI management ?

 

Firefox will have TLS 1.3 on by default with Firefox 52.   Chrome 56 already have TLS 1.3, but Google paused the roll out at this point, due to other vendor proble

...

Resolved! UIA 8.1 issue

I have two different customers who hits same issue.

One user is using PAN-OS 8.1.3 and UIA 8.1.3-10,

another is using PAN-OS 8.0.12 and UIA 8.1.3.-10.

 

The issue is that UIA detects user info as three types of formats like...

1) domain\user (this is same

...

emr_1 by L5 Sessionator
  • 2587 Views
  • 1 replies
  • 0 Likes

Resolved! upgrading active passive panorama from 8.0 to 8.1.3

panorama is in active passive mode.

need to upgrade from 8.8.x to 8.1.3

 

so i can upgrade the passive device first all the way from 8.0 to 8.1.3?

then do the failover then upgrade the previous active one??

 

also panorama can still manage the PA running 8

...

MP18 by Cyber Elite
  • 1806 Views
  • 1 replies
  • 0 Likes

HA sync time

I have 400 rules and it takes my PA 5050 HA pair 4 minutes to sync, that seesm long to me anyone else know their sync times or what should be a reasonable time?

jdprovine by L4 Transporter
  • 4394 Views
  • 8 replies
  • 0 Likes

GlobalProtect Install issues

having a bit of a weird issue.  I believe it may be related to some of my security setting in GPO, but I can't tell what. 

 

When users download one of the 4.1 releases of the GlobalProtect clients, the install will go through the first screen or two,

...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels