General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 417 Views
  • 0 replies
  • 2 Likes

Resolved! SSL decryption troubleshooting - decrypt-cert-validation

I have been working with SSL decryption over 4 month on testing team.

 

Most of the traffic is OK but I see some of the traffic are being Aged-Out and some and decrypt-cert-validation as the session end reason.

 

Tried to do packet capture without seeing

...

2018_09_26_14_53_27_Certificate_Error.jpg
2018-09-26 14_57_38-trs.pcap.jpg
2018-09-26 14_56_41-rcv (2).pcap.jpg
2018-09-26 14_55_59-fw (2).pcap.jpg
SShnap by L3 Networker
  • 27684 Views
  • 5 replies
  • 0 Likes

Resolved! QoS and SSL decryption questions.

Seems some of our customers are trying to slow down youtube, facebook etc. without SSL decryption.

 

The confusing part is in the logs these show up as youtube-base, facebook-base etc but only sometimes and then other times they show up as SSL.

 

So is u

...

1Gbps support for PA-500

Hello, 

 

We decided to upgrade our internet line to 1Gbps from current 100Mbps and now we are using PA-500.

 

As PA-500's Threat prevention throughput is 100Mbps, does it mean we only have 100Mbps(transmission speed) even the PA-500's interface capacity

...

qd_056 by L2 Linker
  • 2897 Views
  • 3 replies
  • 0 Likes

Problem with MS Exchange 2016

hello

we have EXCHANGE server at TRUST zone.When we try to make SSL inbound inspection to this server active sync does not work and even when we try to open OWA via browser we get an error

 ERR_SSL_VERSION_OR_CIPHER_MISMATCH
 

Is there any idea where can

...

Radmin_85 by L4 Transporter
  • 4112 Views
  • 4 replies
  • 1 Likes

Resolved! Replacing office 365 from XML and RSS with Restful API

Hi all, 

 

In view of the changes Microsoft is going to make in future as describe in the following link, would the current miner for O365 still works?

 

https://support.office.com/en-gb/article/managing-office-365-endpoints-99cab9d4-ef59-4207-9f2b-3

...

chtoh82 by L2 Linker
  • 15804 Views
  • 12 replies
  • 1 Likes

Yahoo Mail Client

We recently started experiencing a problem with Yahoo app on Android devices or the Yahoo client from receiving email through our PA's.  Has anyone experienced a similar problem?

 

Thanks in advance.

Raimson by L0 Member
  • 2248 Views
  • 3 replies
  • 0 Likes

Resolved! routing problems between wans and lan

I recently inherited a Palo Alto PA-3020 in a place i've been working and I'm wondering if anyone would be able to help me out on a config error i've been having I'm trying to get a setup like in the visio diagram below but there seems to be some rou

...

Drawing1.png
kclarke6 by L1 Bithead
  • 3401 Views
  • 5 replies
  • 0 Likes

Resolved! app-id changed for mssql-db-base

We just noticed that what used to show up as mssql-db-base is now showing as mssql-db-unencrypted. Yep, this is internet stuff that we know is not encrypted so that makes sense and the first thing I did was check to see if there wasn an app-id update

...

2018-09-26 15_29_15-a little digging - Message (HTML).png
hshawn by L4 Transporter
  • 11371 Views
  • 1 replies
  • 0 Likes

Aerohive Log / User IDs / Device Mac

Hello,

 

we have some Aerohive WiFi access points and they are managed with the HiveManager.
Now when a user logs on to a WLAN SSID with his hive user and then surfs, you only see the internal IP of the access point in the Paloalto Log. If several users

...

Teamviewer is not blocking

Hi,

 

I have PA-820 with fully updated signatures, I have blocked Teamviewer via security policy. PA is recognising the application and traffic log showing that teamviewer connection is blocked but on host machine teamviewer is running and outbound / i

...

Okta Admin Authentication on HA deployment

Hi,

 

I have configured multiple Active/Passive firewalls for Okta SSO (admin authentication) this is working as expected on the active devices, however I was planning to use a separate authentication profile for the passive devices. Everytime I push t

...

PA-3220 HSCI port's LED is not light up

I've got two new PA-3220s in HA (active/passive). Active firewall's HSCI port does not light up green LED, whereas passive light up green. I used an SFP+ and MM cable (tried Twinax as well). I have a replaced firewall for active firewall, but it stil

...

Active_No HSCI LED.jpg
Passive_HSCI Ok.jpg
  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels