General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! suspicious user account and file in my system

Is this BOT or not ?

 

# cat /etc/passwd | grep trapsanalyzer1
trapsanalyzer1:x:993:990::/home/trapsanalyzer1:/usr/sbin/nologin

 

# chage -l trapsanalyzer1
Last password change                                    : Jul 13, 2020
Password expires          

...

pra838 by L0 Member
  • 676 Views
  • 2 replies
  • 0 Likes

Resolved! PA-460

Hi Team,

Please share me the EOL and EOS link for all the device models. I dont see the model PA-460 in the below link.

https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates

Regards,

Sanjay S

Palo Alto BGP: Conditional Advertising

Dear All,

Recently we have been migrating to a non-trivial BGP setup, and I have had to experiment with the conditional advertising BGP feature in Palo Alto. I was familiar with this concept from cisco, but alas I still found the documentation availab

...

HA Active/Standby HA-1 and HA-2 Ip addressing

The training videos say

 

HA1 1.1.1.1 <-> 1.1.1.2

HA2 2.2.2.1 <-> 2.2.2.2

 

do there addresses ever get place in the Routing table , RIB, VRF or Vwire?

 

I wish to avoid any issue where  people cannot route to cloudflare 1.1.1.1 or other conflicting

...

Policy Based Forwarding is not working for Secondary ISP

We recently added a new Internet link to our PA-3020. We want only one server (10.1.12.130) to use it, so we configured the new internet link interface as layer-3 , assigned it a static IP, created a PBF policy that basically specifies the zone (i

...

Drawing1.png
Anees10_0-1666768952880.png
Anees10_3-1666769066909.png
Anees10_5-1666769175304.png
Anees10 by L1 Bithead
  • 545 Views
  • 2 replies
  • 0 Likes

Data Filtiring logs not Show on GUI

I got a problem with showing logs. In past I got problems with threat and data filtering logs, they are simply not showing on the monitor tab.

I clean some space from the disc and upgrade pan-os to next version, threat logs start working, but still n

...

Panorama Log Retention Command

Hi,

 

I am running the command to show the Panorama log retention details on a Panorama M-500 'show system logdb-quota'

 

This doesn't show me the retention of traffic, threat logs etc:

 

user@PAN-PRI(primary-active)> show system logdb-quota

Quotas:
s

...

ElliotM by L2 Linker
  • 693 Views
  • 2 replies
  • 0 Likes

Resolved! PAN-OS 10.2 version log4j impact

If I access the log4j related link below, it is confirmed that it has been updated to PAN-OS 10.1 version.

 

URL : https://security.paloaltonetworks.com/CVE-2021-44228

 

I would like to know if PAN-OS 10.2 is also affected by log4j.

 

If anyone knows

...

Dipp nat pool duration time

Dear Team,

 

Any documentation or information regarding dipp nat pool duration time?

 

I would like to know how much the previously allocated IP:Port is maintained.

 

If anyone knows about this information, I would appreciate it if you could share it

...

Resolved! PAN_OS 10.0.0 upgrade issue

i am going to upgrade pan-os from 9.1.14-h4—>10.0.0–>10.0.11-h1–>10.1.0–>10.1.6-h6 for my pa 3260 device.But when the Pan-os upgraded to 10.0.0, i waited  for two hours and the global protect client can connect the portal and gateway, but it  can't a

...