General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

8.1.2 file-blocking / logging traffic direction

Hi all,

 

after updating from 8.0.x to 8.1.2 we noticed the following behaviour:

 

In the Data Filtering Monitor the direction of the traffic has moved.

Connections previously shown as 'from internt to lan' are now shown as 'from lan to internet'.

This whe

...

ABux by L1 Bithead
  • 3084 Views
  • 3 replies
  • 0 Likes

DMZ network redesign

Hi all, I'm hoping someone can help me avoid a huge overhaul and outage window of our DMZ network...

 

Our DMZ gateway is currently a Palo interface with GlobalProtect enabled on it. Servers on the DMZ are at a remote site connected via a Layer 2 spann

...

dmz.jpg

Problem with File blocking

Hi all

 

i need to prevent all downloads on a network using Palo alto without affecting browsing

i created a file blocking profile , denied all extentions in the download direction and applied it in a policy

but iam still able to download many  exe and j

...

AKabary by L2 Linker
  • 3128 Views
  • 2 replies
  • 0 Likes

PBF and cisco vpn client

Hi everyone

 

i have two ISPsinterfaces connected to my palo alto

 

i need to make a pbf  forcisco vpn client app traffic to cross through the second isp

 

in the pbf section in policies , i set the application to cisco vpn and ipsec-udb and IKE  and set t

...

AKabary by L2 Linker
  • 3507 Views
  • 6 replies
  • 0 Likes

Resolved! Redistribute Global protect mappings to another FW

Hi,

 

We can not identify GP users in a remote FW. We can see all AD mappings but not GP. I explain the scenario:

 

INTERNET  ---------------> FW Central (gateway GP) -----> MPLS --------------> Remote FW PALO ALTO

 

both PA are integrated with LDAP, but n

...

BigPalo by L4 Transporter
  • 3719 Views
  • 6 replies
  • 0 Likes

PCNSE exam passed

Hello i have passed PCNSE EXAM

https://www.linkedin.com/feed/update/urn:li:activity:6416953323617865728/

i can help other guys too if you wish

write me to email:shaigsamadov@gmail.com

Radmin_85 by L4 Transporter
  • 1811 Views
  • 0 replies
  • 1 Likes

Minemeld: Custom IP list, miner etc for EDL.

I apologize if this has been answered in previous posts, I've tried searching and it seems that I'm getting bit and pieces but not the whole picture.  

 

How would I go about creating my own list of IPs and then customizing Minemeld to mine \ gather

...

rkoenig by L3 Networker
  • 5330 Views
  • 4 replies
  • 0 Likes

Understanding Panorama Log Ingenstion & Sizing

I am new to PA & I'm trying to understand the necessity of log collection to a Panorama VM.  My company is about to deploy PA-3220's in HA pairs in several data centers.  We have a single Panorama VM getting deployed for 6 firewalls (3 HA clusters). 

...

QOS for multiple user addresses

Hi

 

i need to create a qos policy to limit downloads and uploads of user addresses objects created on palo alto device

 

i know that i will ceate a qos profile for down and up  , choose a class , priority and type guaranteed and max BW

 

then create a qos

...

AKabary by L2 Linker
  • 5354 Views
  • 8 replies
  • 0 Likes

Resolved! netflow behavior

Is the session is long live ( some applications like nfs,panorama) will start and last till 1 month.

As we have configured log at session end, the log entry will be created once the session is ended.

However we have configured netflow as well.

Netflow i

...

Resolved! Help understand TAP mode

Hello,

sorry for a dumb question but I am new to PaloAlto and I would like to understand the TAP mode on a physical PA firewall. We have Cisco Catalyst 6509 switch running in 1 of the offices as a core. PA firewall is used for users' internet traffic

...

  • 24308 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels