General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Source Users and Source Users Reported as "None" By FW

Hello,I'm on version 8.1.2, in ACC tab I do have a User Activity "widget" or pane that shows Source User, Destination User, Bytes, Sessions, Threats, Content, URLs and Apps. Always the Source User, presents "None" for Source User and also I see "None" for the Destination User with the most number bytes sent (or could be received). I do have va...

Restrict network access for mobile devices

Hello, I have an environment where mobile devices are managed using MobileIron. I want to restrict network access such that the only mobile devices that can connect are managed and belong to a known user. What is the best way to approach this problem? I have done some preliminary testing and it seems that the HIP checks requiring the device to b...

mikembau by L0 Member
  • 2555 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect - To which ethernet interface? WAN Facing?

Greetings,I am setting up GP on a small home office PA220 . I have a single E 1/1 Untrusted L3 interface that is internet facing.My logic tells me this interface should have the GP configured on it. However, the documentation and video turtorials don't specifically outline that the GP needs to be on an internet facing interface. I have followe...

catrock by L2 Linker
  • 7951 Views
  • 6 replies
  • 0 Likes

Almost all traffic identified as unknown-tcp?

We are seeing some of our Palo's periodically logging (almost) all traffic as unknown-tcp. As the traffic is being allowed through (and logged against) rules that do not allow it we assume this is a problem with the logs, rather than traffic being miscategorised. However we do seem to be be experiencing some random issues that may, or mayt not ...

apackard by L4 Transporter
  • 5460 Views
  • 4 replies
  • 1 Likes

Resolved! Flags field in csv file

i have a question about flags in csv log. do you know what does mean Flags 0x19?in NTP OR DNS logs, flag is 0x19.Thanks.

20180802_154251.png
hbshin by L2 Linker
  • 13445 Views
  • 8 replies
  • 0 Likes

Blizzard New Game Overwatch PA not allowing voice traffic through, Even with custom service ports.

It seems that I can not seem to get the voice chat in Blizzards over watch to work through a PA. So as a test i put TCP ports 1119, 3724, 6113, 80, and udp 26503-36503 and 3724 forward through allowing any app, to the PC running the game. Still didn't make a differance. Not sure if anyone has a PA setup with users playing games behind it or no...

taviss by L1 Bithead
  • 10903 Views
  • 13 replies
  • 0 Likes

Application dependency behavior

Rule 1 blocks apps A & BRule 2 allows the same apps as they are included in an application filter, along with otyher apps. Why do i see app dependency warning for the apps that are blocked by rule 1, & how can i resolve this. Rule 1 allows apps A & BRule 2 allows there dependent apps. I still see warnings for app dependancy. Why? I d...

raji_toor by L4 Transporter
  • 2849 Views
  • 1 replies
  • 0 Likes

OSPF Issue in 8.1.1

Hello, I am facing a flapping issue in OSPF, where the neighbor keeps going up and down, I tried adding a static route but the connectivity still drops packets between two devices behind the firewall on one side and behind the other mpls router on the other side, I wanted to check if this is related to the bug that was addressed in 8.1.2 as bell...

u-turn - why?

Hello,i'm moving complex configuration from Juniper's ISG2000 (ScreenOS) to PA-5220 and i faced a problem with internal servers (in DMZ zone) which should be available for everyone (including our own employees) on public IP addresses. On ScreenOS it was simple:Created MIP/VIP object (server-public-ip -> server-internal-ip)1st rule from trust ...

MarcinR by L1 Bithead
  • 14128 Views
  • 9 replies
  • 1 Likes

Decryption and Firefox

Greetings From my research into useing decryptiona nd the SSl certificate.I believe I need to manually install the certificate for each user? Is there not a better way? As a School that equals 100 users and about 300 PC's. If there is not a better way then there isn't. Thanks

Wykeham by L1 Bithead
  • 5161 Views
  • 4 replies
  • 0 Likes

TLS 1.3 support

When can we expect PANOS to support TLS 1.3 for SSL Decryption and WebUI management ? Firefox will have TLS 1.3 on by default with Firefox 52. Chrome 56 already have TLS 1.3, but Google paused the roll out at this point, due to other vendor problem.. https://www.theregister.co.uk/2017/02/27/blue_coat_chokes_on_chrome_encryption_update/

Resolved! UIA 8.1 issue

I have two different customers who hits same issue.One user is using PAN-OS 8.1.3 and UIA 8.1.3-10,another is using PAN-OS 8.0.12 and UIA 8.1.3.-10. The issue is that UIA detects user info as three types of formats like...1) domain\user (this is same as previous version)2) domain.local\user3) [email protected] When PA received these info, "show ...

emr_1 by L6 Presenter
  • 3247 Views
  • 1 replies
  • 0 Likes

Resolved! upgrading active passive panorama from 8.0 to 8.1.3

panorama is in active passive mode.need to upgrade from 8.8.x to 8.1.3 so i can upgrade the passive device first all the way from 8.0 to 8.1.3?then do the failover then upgrade the previous active one?? also panorama can still manage the PA running 8.0x right?

MP18 by Cyber Elite
  • 2329 Views
  • 1 replies
  • 0 Likes

HA sync time

I have 400 rules and it takes my PA 5050 HA pair 4 minutes to sync, that seesm long to me anyone else know their sync times or what should be a reasonable time?

jdprovine by L4 Transporter
  • 6662 Views
  • 8 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels