General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Failed to sync PAN-DB to peer: Peer user failure

Hi, I have 2 PA500 (7.1.5 PAN-OS) In Active-Passive HA and since I upgrace from brighcloud to PAN-DB I have lots of mails complaining about "Failed to sync PAN-DB to peer: Peer user failure."

 

I see that not all atemts to update de passive device fail

...

ARM by L1 Bithead
  • 3248 Views
  • 4 replies
  • 0 Likes

Adding new virtual disk for logging - doesnt added

hello.we have virtual applaince.and we want to increase disk size for our virtual appliance for logging

 

i did everything as described here

 

https://www.paloaltonetworks.com/documentation/70/virtualization/virtualization/set-up-a-vm-series-firewall-on-

...

Screenshot_1.png
Radmin_85 by L4 Transporter
  • 880 Views
  • 1 replies
  • 0 Likes

RFC1918

Basic trust to untrust policy I see internal address sending snmp to addresses like 10.0.0.1, 192.168.1.x.

 

Do people create a policy to block internal traffic going to RFC1918 on the untrusted interface?

Resolved! URL in a rule

Can you create a security rule that allows access from a specific IP address/laptop to a specific URL address? No we do not have the licensing for URL filtering

jdprovine by L4 Transporter
  • 2228 Views
  • 12 replies
  • 0 Likes

Can't access Minemeld feeds from PAN OS 7.1.11

Hello -- I did a manual install of Minemeld on Ubuntu 14.04. That is working in the default setup. The miners are working and there is data in the inboundfeedhc feed. Nothing in the LC or MC feeds.

When I try to add the url of the inboundfeedhc as a

...

url_access_error.png
sonet by L2 Linker
  • 3622 Views
  • 4 replies
  • 0 Likes

Resolved! Assign Secondary Public IP address

Hi

 

I got a new internet connection through router, the firewall-router connection use private subnet, but I got a public subnet from provider which I will route to the firewall private IP.

Since I will configure SSL-VPN, then I have to assign the exte

...

myasin by L2 Linker
  • 5697 Views
  • 4 replies
  • 0 Likes

How to change syslog timestamp format

Hi,

We are using syslog forwarding to SIEM system from our PA. Logs were in this format:

 

1,2017/09/06 23:59:59,007100001147,TRAFFIC,end,0,2017/09/06 23:59:59,X.X.X.X,Y.Y.Y.Y,0.0.0.0,0.0.0.0,Firewall To NTP,test\paloalto,,dns,vsys1,Inside,Inside,ethern

...

Resolved! Blocking MAC OSX on Palo Alto

Hi All,

I have a scenario where i would like to block users on the basis of os they are using. Example, if someone is using OSX, they should be blocked. Any suggestions if that can be achieved.

 

Kind regards

 

Imran 

Brighton 

UK

Setting up a L2TP/IPsec VPN

Hi All,

 

Im trying to setup a L2TP/IPsec VPN behind our PA FW, using RRAS.

I have allowed application ipsec and i can see that port 500 and 4500 are being allowed when i attempt to connect.

I have also set up NAT rules for ports 500,4500,1701 from untru

...

How to Troubleshoot LDAP Authentication in PanOS 5

I keep going through the steps for LDAP auth for admin access and keep getting this generic invalid username and password. I can browse the group mapping tree so I know the communication is there, I have verified my security group is in the allow lis

...

Resolved! Suppress discovery notifications in Windows10

Hi, I'm an IT for a enterprise company and one of my users are tired of getting discovery notifications from the Palo Alto client. Basic windows blocking don't work and I found this site from Palo Alto that is 404. https://www.paloaltonetworks.com/do

...

p4lm4r by L0 Member
  • 795 Views
  • 1 replies
  • 0 Likes

Resolved! How to setup IPSEC VPN tunnel between PA-3020 with PA-200

I would like to know if there is a way we can setup two PA to talk over VPN for eg:

1- PA-3020 at HQ .

2 - PA-200 in our branch office.

I would like my PA-200 to connect with PA-3020 over IPsec VPN and at our branch office we have DSL connection. If som

...

RonaldB by Not applicable
  • 2065 Views
  • 4 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors