General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Local Support for Pan-DB

Hi All, a client of ours lives in SouthEast Asia and is looking to purchase Pan-DB and wonders if they will need to rely on local support there, which is very spotty. It looks like this community and the support side of things is very strong. How likely is it that they would encounter issues requiring local support there, ie, something that c...

Resolved! wildfire questions

Hi All, I recently started applying wildfire profiles for most of my traffic to public cloud on all applications. This includes some senitive information for eg: user trying to print out a document that has some sensitive details.I know wildfire provides great benfits against zero day malware but I have few concerns/questions around it.1.Are the...

MS Update ActiveX Cab file Denied?

Hello. I just reloaded a Windows 7 x64 computer. The first check wants to update the Windows update agent.For some reason PA blocks it as a ActiveX Cab file.The first check allows, but the it's denied. (picture attached).I added a Virus exception for the identity and added MSUpdate as an ALERT only to my data filtering object. Still not working...

pa1272018a.JPG
catrock by L2 Linker
  • 6078 Views
  • 3 replies
  • 0 Likes

Resolved! Teamviewer and Commit warning

We have to allow only Teamviewer on some pc's, not internet browsing.I created rule with apps:teamviewer (apps-group)teamviewer-webadobe-flash-socketpolicy-server, ssl, web-browsingBut this rule will allow web-access to all sites.Ok, i created custom URL category profile "Only teamviewer":teamviewer.com*.teamviewer.comBut traffic is not hit this...

aaobuhov by L2 Linker
  • 6053 Views
  • 3 replies
  • 0 Likes

DLP Options

Im exploring some various DLP options for one of my clients. Im niot finding much in regards to DLP functionality on Palo Altos (I have a pair of 3020's) Does anyone know what Palo Altos DLP solutions consist of? If any?Im primarily concerned with the loss of IP/sensitive data. Thanks!

Resolved! revert configuration automatically

I had a situation where checking log at start session box in a security policy while troubleshooting, after 2 minutes to commit changes, I lost comunication with the fw, because data plane get 100%. I would like to know if there is a commit revert command that, revert to the previous configuration in a time schedule. for example a commit that af...

Marivi by L2 Linker
  • 4496 Views
  • 1 replies
  • 0 Likes

useful custom reports

Hey all,I want to create some custom reports to get more useful information about what is going on in my network.I would like to know - just informational - which reports do you use in your daily business?Respectively which reports you consider as useful.Until now, I created one report that shows me the denied packets for every last week.Can you...

MPI-AE by L4 Transporter
  • 12521 Views
  • 21 replies
  • 0 Likes

Where is the BPA tool located??

I want to run BPA reports against my configs but I can't find the tool anywhere??? I know it exists as I have a Initial Analysis from our 3rd party supplier, but I would prefere to cut them out of the loop. Any ideas? Cheers Rob

Resolved! Getting Started with Best Practices Templates

Hi 2 all I am trying to create best practice for Vulnerability Protection and Anti-Spyware Profile with extended packet capture as desribed inhttps://www.paloaltonetworks.com/documentation/81/best-practices/best-practices-internet-gateway/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles But i received warning...

aaobuhov by L2 Linker
  • 4475 Views
  • 3 replies
  • 0 Likes

Resolved! /opt/panrepo

Hello,someone know for What is used this partition? /opt/panrepo

Marivi by L2 Linker
  • 9582 Views
  • 2 replies
  • 0 Likes

PVLAN with Palo Alto?

I'm looking at doing some re-design for our DC networks and wanted to investigate some further segmentation. Since we aren't really large enough for NSX or ACI I wanted to look at PVLAN. I've got some Nexus9K switches with Layer 3 licensing in HA and had originally thought to use them as the gateway for the DC networks. Now though I'm wonderin...

jsalmans by L4 Transporter
  • 8030 Views
  • 5 replies
  • 0 Likes

Resolved! IKE v2 ASA vs. PA

Hi together, at the beginning of this week I ran into the following challenge. I’ve to setup an IKE v2 Tunnel between a Cisco ASA and a PA-850 running on 8.0.12.During the configuration the Cisco Partner send me the local and remote tunnel pre-shared key.After a few seconds of confusion, we started a funny discussion and 30 minutes of try and er...

Resolved! PAN-OS 8.1 User-ID problems

Hi there,I have some problems with a user-id installation on PAN-OS 8.1.4, scenario:1) Windows AD Domain Forest, with around 6/7 domains2) I'm only interested in authenticating users from one of the domains in the forest3) I've correctly connected the firewall to the local domain controllers and pulled out ip to user mapping4) I've also correctl...

Is the PA-220 compatible with newer firmware versions. Like 8.0 and 8.1

So we have several PA-200 in production and need to upgrade to 8.0. I was talking to a Palo Alto technician and he was telling me that the PA-200 are too old and not enough resources to handle the newer firmware and to upgrade. Do the PA-220 have enough power. I am assuming so since they are the newer version. Also, can they handle the workload...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels