General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PaloAlo ports not coming up!

Hi, I am configuring some new PA850s and interfaces are set to Vwire mode. ports are connected to cisco switch but they are not coming up. they come up and go down. here are settings from cisco side:speed 1000duplex fullno mdix auto paloalto ports:speed 1000 and everything auto. Can you please help? Regards,

qasim02 by L2 Linker
  • 9655 Views
  • 7 replies
  • 0 Likes

Importing Logdb into different devices

I'm trying to import logdb coming from a PA-2050 to a smaller devices like VM-100, PA-200 or PA-500 but without any luck. Has anyone successfully tried this operation?The command scp import logdb from ... seems ok but in the end no data is shown under Monitor > Traffic page.Importing the exported logdb into the same units, after a factory res...

NGS_SOC by L3 Networker
  • 5056 Views
  • 2 replies
  • 0 Likes

MineMeld can not get O365 JSON format list

[Failure event]In the case of O365 's xml format, when MineMeld received traffic after ClientHello, I got a list but if I set config for JSON support I can not get a list. [Prerequisites]MineMeld will go through Paloalto and do Internet communication. [Question]I think that the packet flow that can be checked with Paloalto is incorrect.We were a...

Resolved! Implicit web-browsing and ssl

I've noticed that some App-IDs have web-browsing and ssl implicit to the application while others they are dependencies. Is there a reason for this?Are the App-IDs being updated to make these 2 applications implicit? For instance, I'm setting up firewall policies for both teamviewer and Office 365. There are many more but I'm using these two ju...

Resolved! tcpdump filters

Does anyone know what filters are supported for the tcpdump command on PAN-OS (7.0) ?For troubelshooting of a Syslog (server) issue, due to large amounts of traffic, I need to capture only packets with syn- or fin/rst-flag set.Something like this : # tcpdump 'tcp[tcpflags] & (tcp-syn|tcp-fin) != 0 Documentation found 'How To Packet Capture...

Dulle by L2 Linker
  • 23003 Views
  • 7 replies
  • 0 Likes

Statics for DoS Protection

Since DoS protection is for more granular protection of a server, how can i see the statics for the particular server i want to protect. Wouldn't we need to know the pps statics and sessions for that particular server.

raji_toor by L4 Transporter
  • 3069 Views
  • 3 replies
  • 0 Likes

Resolved! Newbie - GP and NAT

1) this is for a home use environment. 2) I have successfully configured Global Protect to work external. 3) I have PLex running and need to get it communicating to the world. Was able to do this before GP by setting "Service" to "any" in the NAT rules, but this broke GP, and not to even say isnt very secure. Anyone have suggestions?

ckg1999 by L1 Bithead
  • 9666 Views
  • 15 replies
  • 0 Likes

Static NAT between virtual routers

Hi, I'm going to migrate a Juniper SRX firewall with a Palo Alto VM-500 firewall.The case: The Juniper firewall is configured with multiple virtual routers. Between this routers we can static NAT subnets. As showed in the picture below, we have 2 virtual routers. If Subnet 192.168.1.0/24 behind VR A should reach Subnet 192.168.2.0/24 behind VR B...

Juniper-SRX-VR-Prinsipp.png
JohnOlav by L0 Member
  • 4415 Views
  • 1 replies
  • 0 Likes

Resolved! Forum Location for Education institutes

Greetigns Is there a section of the forum where people involved with education Institutions. I want to get some idea of how and what people allow when dealing with Children in a school when the age ranges from 8 years old up to 17 years old. as well as catering for the staff. Which I then need to work out how to do that on a Palo Alto. Thanks fo...

Wykeham by L1 Bithead
  • 3178 Views
  • 2 replies
  • 0 Likes

Log percentage and space

If logging is set to allow up to 95% space on the disk and it hits 95% that same partition,/dev/md6 3.8G 3.2G 454M 88% /opt/panrepo - PAN-OS Image repository.(Device/Software), resides the PAN OS what happens when you hit 95% on logs and try to install a new OS

jdprovine by L4 Transporter
  • 4525 Views
  • 6 replies
  • 0 Likes

Resolved! Wrong IP calculation after Whitelisting on MineMeld

Hi, I have installed MineMeld and it works fine. Before creating our configuration I wanted to test something on Whitelisting as it is going to help on what we are aiming to do with MineMeld. I hope the below finding is a configuration mistake or something i have missed and not an issue in MineMeld. Simple when i whitelist two IP from a...

StamL by L0 Member
  • 5729 Views
  • 3 replies
  • 0 Likes

Intrazone Rules

Hey guys,I took over a Palo Alto Firewall and I noticed that there is a intrazone allow rule at the end for every single internal zone.So source zone: internal zone xysource address: anydestination zone: internal zone xydest address: anyapplication: anyAction: allow these intrazone allow rules are placed before the intrazone default deny rule. W...

MPI-AE by L4 Transporter
  • 7799 Views
  • 6 replies
  • 0 Likes

Resolved! When to use ZoneProfile and DoS Profile

Hello All - Can i understand that Zone Protection Profile is to Protect Firewall itself and DoS Protection Profile is to protect the servers and hosts behind the firewall from Internet?Can i achieve a DoS protection (For example SYN Flood attack) only by configuring DoS Protection Profile that will be tailored with Policy Rule with source and de...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels