General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1694 Views
  • 0 replies
  • 0 Likes

Application dependency behavior

Rule 1 blocks apps A & B

Rule 2 allows the same apps as they are included in an application filter, along with otyher apps.

 

Why do i see app dependency warning for the apps that are blocked by rule 1, & how can i resolve this.

 

Rule 1 allows apps A & B

...

raji_toor by L4 Transporter
  • 2571 Views
  • 1 replies
  • 0 Likes

OSPF Issue in 8.1.1

Hello,

 

I am facing a flapping issue in OSPF, where the neighbor keeps going up and down, I tried adding a static route but the connectivity still drops packets between two devices behind the firewall on one side and behind the other mpls router on th

...

u-turn - why?

Hello,

i'm moving complex configuration from Juniper's ISG2000 (ScreenOS) to PA-5220 and i faced a problem with internal servers (in DMZ zone) which should be available for everyone (including our own employees) on public IP addresses.

 

On ScreenOS it

...

MarcinR by L1 Bithead
  • 11500 Views
  • 9 replies
  • 1 Likes

Decryption and Firefox

Greetings

 

From my research into useing decryptiona nd the SSl certificate.

I believe I need to manually install the certificate for each user?

 

Is there not a better way?

 

As a School that equals 100 users and about 300 PC's.

 

If there is not a better wa

...

Wykeham by L1 Bithead
  • 4433 Views
  • 4 replies
  • 0 Likes

TLS 1.3 support

 

When can we expect PANOS to support TLS 1.3 for SSL Decryption and WebUI management ?

 

Firefox will have TLS 1.3 on by default with Firefox 52.   Chrome 56 already have TLS 1.3, but Google paused the roll out at this point, due to other vendor proble

...

Resolved! UIA 8.1 issue

I have two different customers who hits same issue.

One user is using PAN-OS 8.1.3 and UIA 8.1.3-10,

another is using PAN-OS 8.0.12 and UIA 8.1.3.-10.

 

The issue is that UIA detects user info as three types of formats like...

1) domain\user (this is same

...

emr_1 by L5 Sessionator
  • 2916 Views
  • 1 replies
  • 0 Likes

Resolved! upgrading active passive panorama from 8.0 to 8.1.3

panorama is in active passive mode.

need to upgrade from 8.8.x to 8.1.3

 

so i can upgrade the passive device first all the way from 8.0 to 8.1.3?

then do the failover then upgrade the previous active one??

 

also panorama can still manage the PA running 8

...

MP18 by Cyber Elite
  • 2040 Views
  • 1 replies
  • 0 Likes

HA sync time

I have 400 rules and it takes my PA 5050 HA pair 4 minutes to sync, that seesm long to me anyone else know their sync times or what should be a reasonable time?

jdprovine by L4 Transporter
  • 5526 Views
  • 8 replies
  • 0 Likes

GlobalProtect Install issues

having a bit of a weird issue.  I believe it may be related to some of my security setting in GPO, but I can't tell what. 

 

When users download one of the 4.1 releases of the GlobalProtect clients, the install will go through the first screen or two,

...

GlobalProtect - Understand Client side Logs

Hi Guys,

 

We are doing a global protect deployment and I'm new to this area. Time to time we have some users with poor performance or freequent disconnects from global protect who send us log fles.

I have tried to search documentation that could provid

...

Namalw by L1 Bithead
  • 4415 Views
  • 1 replies
  • 0 Likes

Url filtring

Hello all,

 

Actualy we have 2 PA 3020 firewall in our company, we have some issue with the option URL filtring.

 

we have a policy block all user to acces to the web page with category (ex: games ...) 

 

in the monitor, I find the users who are bloked but

...

Session browser vs. traffic logs

Hi all,

Maybe someone can help to bring some light on my question. I'm trying to determine the difference between the session browser and the traffic logs. Why it is that when I search on a rule in the traffic logs I see specific traffic that is not i

...

Resolved! PA-3020 vs PA-850

Hi,

I am in the process to purchase a new pair of firewalls (in active/passive setup), but I am stuck in selecting PA-3020 or PA-850.

While the tech specifications are similar, the cost is not.

Additionally, the PA-3020 is around since a while, so I am

...

AMoretti by L1 Bithead
  • 8528 Views
  • 4 replies
  • 0 Likes

Resolved! ssl decryption enabled and proxy_wait_pkt_drop

 

ssl decryption is enabled on PA.

sh running resource monitor is also normal.

 

when i run below command i see

 

show counter global filter delta yes category proxy

Global counters:
Elapsed time since last sampling: 124.323 seconds

name value rate severity c

...

MP18 by Cyber Elite
  • 3358 Views
  • 4 replies
  • 0 Likes
  • 24216 Posts
  • 117 Subscriptions
Top Liked Authors
Labels