General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Mining Domains from mixed IP/Domain List

Hi guys, I would appreciate some help withe this issue. I wanto to mine domains from a list that has IP/Domais mixed. The list has on the top a short description whose lines start with the "#" character. Thats fine, I can use the "ignore_regex ^#" to avoid it. But the list is composed by: 10.200.1.36 domain1.com172.31.31.31 domain2.com192.168.0....

Minemeld and production installation

Hi, I'm considering how to do some of the following, if anyone has advice or links to documentation I'm not finding I would appreciate it: Export the configuration in a way that any local custom miners are also backed up, meaning the restore is a literal one liner command or something along those lines. The export backup is a manual click and wo...

chirss by L3 Networker
  • 4661 Views
  • 1 replies
  • 2 Likes

Resolved! Panorama VM-Series Multiple Interface support

Hi Guys, We are planning to deploy virtual Panorama for one of our customers on ESXi platform. One of the requirements is that customer wants to have read-only access to the Panorama management. So we were discussing the solution to attach two interfaces to the VM - one for management access to the Panorama (routed to our internal NMS network) a...

what is the best for social-networking category ,Decrypt or no decrypt

Dears In my company ,unfortunately, allow facebook.com website we note when do "SSL Decryption" for social-networking category ,There is huge utilization on CPU (Up to 85%) what is the better for this case as design : Decrypt Facebook or no decrypt ? if we do "no-decrypt" ,Can palo alto to apply the policy of deny for some application on facebo...

FW Logging Prefix list

Can any one confirm that when we configured log collector group with two managed log collector (both active and passive Panorama's) and if see the logging status on the firewalls does it show only the Active Log collector or both Active and Passive log collector.thanks

Sanssj by L2 Linker
  • 2599 Views
  • 2 replies
  • 0 Likes

Resolved! Filtering for security policies with DSRI enabled

Has anyone found the syntx to search in the security rule-base for any rule that has "disable server response inspection" enabled.I attempted using disable-server-response-inspection eq 'yes' and other modifications of that similar syntax with no luck. I know searching for log settings is possible through the similar syntax log-start eq 'yes' et...

URL recategorization

Hi, I would like to know how I can receive details on why a URL is placed in certain category and not another. I have a specific one that I submitted (nbcnewyork.com Palo Alto states is Entertainment and Arts) however the employees submitting this for recategorization state this is a news site. I would like the details so I can supply a reason...

Resolved! Custom Report - Generating a Traffic Volume per Hour report, sorted by date/time

I've been attempting to create a report requested by a client using the Custom Reports module. The client is requesting a weekly report, containing 7 days of volume usage broken down by hour. I've managed to get the data I require, using the Traffic Log database, grouping by day - however the Sort By options leaves much to be desired. Are there...

NAT allocation during a pool configuration.

Team,We have a NAT pool configured for one of the ongoing requirements. Is there a way to force this pool to allocate IP address from start to end as per new requests come in? e.g. NAT pool configured is 10.10.10.1 to 10.10.10.10IP source is anything between 192.168.10.1 to 192.168.10.10 We noticed that if the traffic source is 192.168.10.2 it c...

nson2139 by L3 Networker
  • 3682 Views
  • 4 replies
  • 0 Likes

Security Policy not HIT after work for 1 month

I got setup 6 AWS VPC with direct connect connection to on prem panorama, which is working fine for a month, and now suddently all 5 VPC disconnected from panorama in the same time. i checked the BGP and IKE all established, i can ping the panorama IP, and make sure the right security policy with specific ssl and panorama application allowed. my...

Resolved! PANOS 7.1.x Internet Explorer web management slow

Hi, I upgraded our FWs from 6.1 to 7.1 a few weeks ago and ever since the web management access from Internet Explorer is painfully slow to load - takes around 1 minute to bring up the dashboard after logging in or contexting from Panorama to a firewall. Running from Chrome and it loads in 10secs. I've been through multiple combinations of setti...

JackGray by L1 Bithead
  • 4381 Views
  • 3 replies
  • 0 Likes

Resolved! Session Timeout Settings

Hi,we are using a PA environment in combination with Bluecoat Proxy SG for caching and user authentication. Bluecoat describes on his knowledgbase KB3323 the differences for session timeouts on proxie servers and firewalls.From our proxies I have many retransmissions to the Internet and so I want to change my timout settings on the PA in a bluec...

PA System Logs

Dear Expert , I need to get all System messages of PA in case of the below Events CPU Errors, warnings.Memory, RAM utilization warning, problem.Hardware failure, problem. .(Physical Events)Links , interfaces down.Processor warning.Disk warning.Fan warning.Power supplies warning.Restart, reboot events.Shutdown event.Your support is highly apprici...

hi Community

Hi all, We have upgraded globalprotect version 3.1.4 to 4.1.2. Its connected successfully . But after some time it saying portal not available. username take as portal name. anyone experience with globalprotect 4.1.2???

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels