General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

GlobalProtect Client with Android 9 (pie)

Is PAN abondoning the GP mobile client on Android? The last update was a while ago, the UI is just horrid and it crashes under Android 9. Several reports of the issue have been made but all is quiet so far. Does anyone have any inside info? I was using XAuth but after upgrading to 8.1.3 I am getting funny behavior so I was going to give the GP c...

hshawn by L4 Transporter
  • 3126 Views
  • 3 replies
  • 0 Likes

FTPS connections are not working

Hi, We have a inbound NAT for FTPS but the connections are not working. We can not see any deny in FWs.We dont have decrypt SSL configured. I think it shouldnt be necessary, right?Policy configures has "ssl" and "ftp" allowed. this is the ftp log: Why ftps connections are not working?? any dynamic port or something like that?

Logs ftps.JPG
BigPalo by L4 Transporter
  • 4762 Views
  • 3 replies
  • 0 Likes

Resolved! problem matching rule with user-id

hello, I have a problem matching rules using user id, in uadebug.log I can se this warning:[ Warn 2813]: Device thread 1 replied get BloomFilter msg with no BFsomeone know what that means? Thanks

Marivi by L2 Linker
  • 6371 Views
  • 1 replies
  • 0 Likes

SSL proxy allocation error

I had ssl decryption in place on PA_5020 and it seems like during peak times, my internal data traffic is reaching max ssl decryption session limit and those beyond the limit are shown as decrypt error and are sent un-decrypted. Is there any solution for this besides hardware upgrade, offload ssl decrypt to proxy? Thanks.

IKE traffic recognised as unkown-udp since September 6th

Customer had an application based rule for VPN traffic. However since September 6th the traffic on UDP 500 is no longer recognised as IKE. Some VPNs stopped working, some still work even if they shouldn't really. Release notes of last 3 content updates don't mention anything about changes to IKE. Anyone has similar problem?

santonic by L6 Presenter
  • 2443 Views
  • 3 replies
  • 0 Likes

Can someone please recommend an Email Server Setting that will work for Email Threat Notifications

Can someone please recommend an Email Server Setting that will work for Email Threat Notifications on a PA-220 ?I have tried the Gmail Server - ASPMX.L.GOOGLE.COM and it is not workingPlease provide a step by step example for how i can configure email threat notificationPlease provide some email servers that does not use TLS as wellthat works wi...

GlobalProtect SSL VPN - Slow SMB Transfers

Hi. First let me say that I have managed to get some improvement to transfer speeds by tweaking the MTU setting on the tunnel interface for the GP VPN. When I first started my testing, if I copied a single large file ( a 400 MB ISO ) from a remote server share to my VPN connected workstation, it was going pretty slow, only transferring at 1-2 MB...

colesch by L2 Linker
  • 11761 Views
  • 1 replies
  • 0 Likes

Interconnect between layer 3 and layer 2 interface possible?

Is below configuration possible? 1. 1 layer3 interface act as gateway and DHCP2. 1 layer2 interface interconnect to the layer3 interface above. The computer connected to this interface can reach the layer3 gateway and IP address receive from its DHCP In short, 2 interfaces use the same gateway and DHCP.

jeremylo by L3 Networker
  • 6162 Views
  • 9 replies
  • 0 Likes

Resolved! New PA820 replacing PA500

Hi all,Just wanted to get some ideas on performance of the PA820, right now our PA500 is acting as a router/gateway to internal lan, and will be migrating to the pa820, so if I were to keep the settings, like just migrate over the configs, will the pa820 perform better as a router, cause currently some users are complaining of slow intervlan per...

cdcirexx by L3 Networker
  • 5465 Views
  • 2 replies
  • 0 Likes

show system disk-space

Is this information still correct for 7.1.16 , I am trying to plan my upgrdae from 7.1.16 to some version of 8 and trying to make sure I have enough space on the disk to do it /dev/md6 - PAN-OS Image repository.(Device/Software)/dev/md2 - Service related logs./dev/md8 - - Allocated for PAN logs./dev/md5 ...

jdprovine by L4 Transporter
  • 10992 Views
  • 18 replies
  • 0 Likes

How was determine or verify after with application override bypass L7

Hi Expert , I would like to verify after config and traffic is match with Application Override Policy that it already bypass L7 how to check it via cli or gui so, I have understood about can check with show session id after filter application is already override but I have to clarify and verify it. Sorry to bad english

Shutdown Clustered/HA FWs

Is there any documentation on how to properly shutdown a clustered/HA FW pair and then restore connectivinty power verifying proper function once power is restored?

GMasanz by L0 Member
  • 4963 Views
  • 3 replies
  • 0 Likes

Dynamic TCP port APP query

Hi community, In a situation where there is a security policy allowing: SOURCE Source IP: any Source Zone: outside DESTINATION Destination IP: public IP 1.2.3.4 -> NAT'd to private IP 10.10.10.10 (servername1) (the security policy is using the post NAT zone). The inbound NAT is also correctly configured, and NATing correctly. APP: appX -> ...

ash83 by L2 Linker
  • 3633 Views
  • 3 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels