General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Zero indicators in inboundfeed

I am trying out minemeld and I started by adding miner (zeustracker.badips) and removing the default dshield and spam nodes. Before removal inbound feeds were showing subnet ranges/indicators. After removal there is not a single ip. processor shows R

...

raji_toor by L4 Transporter
  • 4554 Views
  • 3 replies
  • 0 Likes

Network Outbound baseline.

I need to provide a baseline of allowed traffic outbound for a period of time.

 

So to list

 

Client -> External Server [ Port/Application ]

 

Is there a report on the PA-3020 that can be crafted to do this

 

Thanks

 

 

Rob

Overlapping entry in custom url lists

I have 2 custom url categories. One as whitelist and other as blacklist. I am in the situation where I have *.youtube.com in allow list and needed to block tv.youtube.com

I added tv.youtube.com to blocklist but the firewall is still taking *.youtube.c

...

Resolved! How to allow GRE protocol 47 through Palo Alto FW?

Dear Friends, 

I'd be grateful if you could help me with this ...

 

I'd like to allow GRE traffic (protocol 47) through my Palo Alto FW. I want to allow all the GRE traffic through and not terminate a GRE tunnel on the PA itself. Appologies if this is s

...

Jedi_D by L2 Linker
  • 3999 Views
  • 3 replies
  • 0 Likes

Firewall with Vsys in Panorama

Hello

 

We are managing a several firewalls with single vsys with our M500 Panorama.

 

Now we will be adding a new PA Firewall with multiple context to panorama.

 

So the question is: What is recommended

 

1. Should we first add the firewall in panorama and

...

Data centre backup solutions which support PANOS8

What Data Centre backup solutions support PAN devices (both panorama and firewalls)?

Backbox seems to be a preferred PAN partner - http://hemispheretechnologies.com.au/cms/wp-content/uploads/2017/01/PaloAltoNetwork_BBX-Solution-Brief_2017.pdf

Are there

...

DDyall by L0 Member
  • 2482 Views
  • 6 replies
  • 0 Likes

Resolved! Global Protect pangps log messages - What to watch for

Our company just finished a rollout of the Global Protect client to all of our locations.  Now we are getting occasional complaints about disconnects/reconnect and other assorted odd behaviour.  Much of this is just users looking for something to bla

...

BeejCyr by L1 Bithead
  • 3636 Views
  • 1 replies
  • 0 Likes

Resolved! Configuration and Management (EDU-110) > Lab question

Hello, I am starting with this training "Firewall 8.0 Essentials: Configuration and Management (EDU-110)" and on page 12  it states:

 

1. Launch a browser and connect to https://192.168.1.254

 

Is there any other way to access this lab? or any lab enviro

...

perezk by L1 Bithead
  • 2443 Views
  • 4 replies
  • 0 Likes

Resolved! ProxyARP default setting

Hi Team,

               Is ProxyARP is enabled by default. Can we disable or enable this feature in PA??

 

with regards,

Ram

Resolved! Deployment job update licenses

Just curious, I noticed that at 01:17 my panorama connects to updates.paloaltonetworks.com then completes a "Deployment job update licenses" job for each of my firewalls.  This isn't anything to do with the sceduled dynamic updates as the timings are

...

djr by L4 Transporter
  • 4364 Views
  • 2 replies
  • 0 Likes

Resolved! Cryptocurrency Mining?

Hi folks,

 

We recently had a pen test and had positive results.  We do not use URL filtering, but have everything else.

However, on 12/24/2017 we can now see a reboot.txt file sitting in our Windows\temp directory on an Oracle OAM server.

Luckly, Carbon

...

OMatlock by L4 Transporter
  • 3710 Views
  • 16 replies
  • 0 Likes

Resolved! Exempt alerting for specific threat

We have an open wifi network and do see lot of coinhive spyware threat alerts. Recently a user genrated in excess 30000 email alerts for CoinHive JavaScript Detection. We don't want to block the user and also the external IP is not single one. Firewa

...

raji_toor by L4 Transporter
  • 2725 Views
  • 5 replies
  • 0 Likes

External up but, internal Outage, Migrating Users

Hi,

 

I am looking to explore options that in a situation when the External Edge may be "up" but, the internal resources have failed. For example, a core switch has crashed but, the firewalls and internet routers are still online. Users will connect to

...

nicford by L2 Linker
  • 1438 Views
  • 3 replies
  • 0 Likes