General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How will threat functionality work with asymmetric routing

Posted this on threat discussions but havent had any responses. Please help me understand what will happen in this case. I would like to understand what will happen to Threat Protection and AntiVirus(TPAV) in the following case. Both firewalls have "allow" non-syn-tcp turned on. Each firewall is only seeing half of the session and has no idea a...

question.PNG
SuryaR by L3 Networker
  • 2633 Views
  • 1 replies
  • 0 Likes

Seeson end reason aged out

HI friends, We have created interzone rule looks like below <entry name="Rule1> <profile-setting> <profiles> <url-filtering> <member>default</member> </url-filtering> <virus> <member>default</member> </virus> <spyware> <member>Sinkhole</member> </spyware&g...

Rule base management best practices

Hi Everyone, I'm new to the Palo Alto firewall system. My experience is with Checkpoint firewalls. I've been asked by management to look into the best practices for rule base management. Currently we go through the rule and look at every rule and try to determine if it's still valed. We then disable the rule for 30 days and then delete the rule ...

Log retention in firewalls and panorama

Hi, I have the following question related to log management: why PAN-70X0 can't send event logs to Panorama ?are the event logs stored in compressed format ? If so, what is the compression ratio ? Regards Mario

Resolved! Panorama failover and connection to Firewall

We have M100 in active and PAssive mode.Did failover where active was suspended and passive M100 became active Check the firewall it still shows connected to Suspended PAnorama and it is active one from FW point of view?is this by design?

MP18 by Cyber Elite
  • 4295 Views
  • 6 replies
  • 0 Likes

Resolved! Minemeld SSL Certificates

Hi - 2 questions:- > How do we change the default SSL certificate on Minemeld? Standard Apache cert replacement? > If we have a custom source running SSL with a self-signed cert, can we force a HTTPS miner to ignore the cert error? Thanks!

apackard by L4 Transporter
  • 28878 Views
  • 11 replies
  • 0 Likes

Resolved! Load Partial Config: merge vs append

When loading a partial config you have 3 options: replace, merge, append. I can't find a description anywhere as to what exactly each of these does! Especially between merge and append. I did see this KB article but it really doesn't explain the ramifications for each of these choice and neither does the CLI Guide. KB Article referenced: ht...

Packet Flow Sequence and Application Override

Hello everyone,I have a question regarding the "AppID override" ,In this article "https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVLCA0" we can read the following:"Special Note about Content and Threat inspectionApplication Override to a custom application will force the firewall to bypass Content and Threat inspectio...

Resolved! TLS 1.3 is Coming - How to deal with it????

My security counter parts came to me letting me know that in Chrome version 70.X+ TLS 1.3 will be turned on by default. This appears to be causing problems in our current firewall deployment: A/P HA-par 5220s running 8.0.10 (soon to be 8.0.12). It looks like Google has released an article describing what's going on: https://www.chromium.org/Hom...

TLS_Error.png
TLS_1.3.PNG

Problems with ping due to SSL decryption

Hellowe have PA 220 modeland when we implement SSL decryption we can observe the ping delay in our trust interface.THE cpu load is 50 %when we turn off the SSL decryption everything is normal

Radmin_85 by L4 Transporter
  • 3271 Views
  • 2 replies
  • 0 Likes

Resolved! Policy Order - How to allow URL categories ahead of an IP Blocklist

We have IP Blocklists before the rules for Web Browsing. However, we need to allow some URLs that would otherwise be blocked in the IP Blocklist (subsites of Weebly, don't get me started). Right now I have a Policy above the blocklist that alertss http/https with Service/URL Category/URL Category set for the Custom URL Category for the exempti...

Resolved! Cannot access PAN Webgui

Hello, Recently we performed a decrypt change to allow website to bypass decryption.Now no user can access the PAN Webgui https.Tried in different browsers and from different machine but no change.Connection to FW via putty session is fine. We have rebooted the device.Kindly advise how to fix this issue.

Webpage.jpg

Issues with the MineMeld Microsoft EDL's

For the last couple of weeks we are running into an interesting issue with our Office365 EDL's. We pull the Office365 API based IP/URL list into Panorama using MineMeld. This process is working perfectly. We have compared the output within MineMeld against the EDL on our firewall and they are identical. For some reason I am seeing multiple c...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels