General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Office 365 returning 0 indicators

I just noticed my Office 365 indicators are reporting zero for all Office 365. I originally installed 0.9.46 and it had been working great for a few months. After I noticed this I figured it had something to do with MS change from xml to json. My Palo Alto firewalls point to October 11th as the last time they saw a valid EDL. I upgraded Mine...

Resolved! Commit not working in passive firewall

When I commit the firewall in active firewall I can able to commit. When I commit in passive firewall it shows "Error: config push error" However I don't need to push the configuration in passive firewall I'm doing this as my HA sync is having issue. Please let me know your comments

image.png

Resolved! Palo Alto - Dynamic Updates

Hi ! I'm new to the Palo Alto Firewalls. I have query about the content updates for the PA Devices has TP licenses. We are pushing updates through Panorama. Q1: I can install only one Active AV or threat updates to the firewall . Since this the new deployement , if i install with latest update is enough for us or we need to install all the upda...

gpsriram by L1 Bithead
  • 2401 Views
  • 1 replies
  • 0 Likes

Resolved! Captive Portal and MFA

I have configured captive portal with MFA.Primary auth method is radius and secondary is duo-security. Under network Global Protect Portal config is done Do I need any config under gateway??????? My understanding is that we need gateway config only when we use the VPN?

MP18 by Cyber Elite
  • 2510 Views
  • 1 replies
  • 0 Likes

Resolved! Purpose of Authen Profile under Global Protect Gateway

We have configured MFA using CP and using RSA as Second authen. Under Network Portal Authen--------------Radius Gateway Authen ----------------Radius Under Device CP - Authen ---------RSA Why we need Authen profile under Gateway??????????should Authen profile under Portal and Gateway have to be same????? Why we u...

MP18 by Cyber Elite
  • 2930 Views
  • 3 replies
  • 0 Likes

show counter global filter delta yes -----drops

when i run command show counter global filter delta yes i see below counters incrementing need to understand which are these drops and why PA is dropping these packets?do they impact the performance of the PA? flow_tcp_non_syn_drop flow_fpga_egress_exception_err flow_fwd_l3_ttl_zero flow_action_close

MP18 by Cyber Elite
  • 7570 Views
  • 2 replies
  • 0 Likes

Resolved! logical int counters - packets dropped

Logical interface counters read from CPU:--------------------------------------------------------------------------------bytes received 21513660bytes transmitted 2835packets received 358561packets transmitted 21receive errors 0packets dropped 358539 is oit normal to have packets dropped?

MP18 by Cyber Elite
  • 5583 Views
  • 4 replies
  • 0 Likes

Palo alto HTTPS decryption?

Hi all, I am using PA-850. I configure to decrypt HTTPS, and use AD group policy to install certificates on client, it works well with AD users. but we have other situation that client is not AD users. do we have any ways to redirect client to the URL if client is not trusted certificates with firewall? then they must install the certificate if ...

Chivas by L2 Linker
  • 6029 Views
  • 6 replies
  • 0 Likes

Resolved! Wildcard certificate on PA firewalls

Hi Team, I'm trying to create a CSR in Panorama in order to get a wildcard certificate from our third party CA. In order platforms, I define as common name the format *.mydomain.com but in Palo Alto I'm getting an error: Failed to generate certificate and key. When I change the common name to .mydomain.com it allows me to create the CSR. I just ...

Stickied post for recommended versions?

Just wondering since this is a topic that comes up often and I actually just asked TAC about it myself, should we maybe have a stickied post on here that documents the recommended versions for each software track? I realize Palo Alto doesn't publish it anywhere but the knowledge is usually spread around among the users anyways after one or more...

jsalmans by L4 Transporter
  • 3763 Views
  • 3 replies
  • 3 Likes

User-Agnet 8.0.12-5 problem to read Windows server 2016 security event

Hello, I installed UIA 8.0.12-5 on WIN server 2008 R2 (FW PAN OS is 8.0.13). I'm throubleshooting userid login problem and it looks that log event (Event ID 4768,4769,4770,4624) are not readed by the user agent on Windows Server 2016. Connecting to WIN 2016 server I can see that Event ID 4768,4769,4770,4624 are on the security log but if I incre...

Resolved! Real time alerts for threats?

Is there such a thing with PAN? IE if the logs generate a critical alert can is there some logic to fire an email or generate a report with the relevant information?

drewdown by L4 Transporter
  • 8572 Views
  • 10 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels