General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! pa200 two interfaces in same zone

hi everyone,

 

we have a pa200 with three L3 interfaces currently in use:

 

eth 1/1 - untrust - dynamic ip

eth 1/2 - trust - 192.168.18.1/24

eth 1/3 - dmz - 10.10.10.254/24

eth 1/4 - currently unused

 

Now we would like to configure eth 1/4 just like eth 1/2,

...

Resolved! Latency on Internal Interface

Hello,

 

Using PAN-OS 8.0.7. When we ping a trusted interface, we see latency up and down. Any clues?

 

root@test-machine:~# ping 10.2.2.100
PING 10.2.2.100 (10.2.2.100) 56(84) bytes of data.
64 bytes from 10.2.2.100: icmp_seq=1 ttl=63 time=3.46 ms
64 bytes

...

Farzana by L4 Transporter
  • 18215 Views
  • 9 replies
  • 0 Likes

UserID Factor Completion Time - Bad Data

We are seeing some random UserID entries being fed into our firewall that have a Factor Completion Time of "1969/12/31 19:00:00"; these always have a timeout of "0" so effectively kill the user mappings for that user.

 

Has anyone seen this before?  We

...

apackard by L4 Transporter
  • 3382 Views
  • 3 replies
  • 0 Likes

Zone protection - alert only

I have been investigating zone  protection and DoS protection for awhile now and I think I would have already implemented it if you could configure all the settings to alert when you begin testing.  

jdprovine by L4 Transporter
  • 2750 Views
  • 7 replies
  • 0 Likes

Resolved! pan-os 8.0 ntp not sync

Hi,

 

I have a problem with test VM-300, NTP not sync and use local clock.

But if i try to set timezone - clock set not correct

 

 

>show ntp

NTP state:
NTP not synched, using local clock
NTP server: 178.124.164.107
status: rejected
reachable: yes
authentication

...

SSergey by L1 Bithead
  • 8138 Views
  • 4 replies
  • 0 Likes

Resolved! How to configure a specific event to be sent via email

Hi Guys,

How would I go about configuring my PA to email me everytime another device with the same IP address of the Palo Alto joins the network, please? I didn't want anything else to be emailed to me, just that particular event. I remember I was abl

...

sonivEX by L0 Member
  • 2140 Views
  • 3 replies
  • 0 Likes

H/A Clustering Query

Hi,

 

I have a query regarding H/A clustering, I potentially have a requirement for H/A clustering with 3 firewalls and not just 2 (i.e. Active/Standby or Active/Active).

 

I believe that presently a 3 firewall cluster is not currently supported however

...

Data Plane high PA - 5020

i have problem about data plane, and the TAC say : packet rate is high, but i cannot find, how much PA-5020 can handle packet rate maximum.

i use command "show system statistic sessio" packet rate is 130K - 150K and dataplane 77% at 11:00 AM, but i se

...

Block recently registered domains

Is anyone successfully blocking domains that have been registered recently (last 30 days)? My testing has shown in the last three days, 380k domains have been registered. My PA-3020 capacity for External Dynamic Lists only supports a total capacity o

...

ASCIT by L2 Linker
  • 3323 Views
  • 5 replies
  • 0 Likes

Resolved! Download PAN-OS from GUI failing, potential MTU Problem ...

Ok folks

 

Here's an interesting one for you.

 

This is to do with connectivity between Panorama and updates.paloaltonetworks.com

 

We can retrieve licence info and download list of updates available for downloads (SW and Threats), but when clicking on dow

...

nawaza by L2 Linker
  • 2716 Views
  • 3 replies
  • 0 Likes

Resolved! Zone protection show wrong severity

We are doing a lab and making test attacks and see if the PA can detect them, we have an interface in tap mode and it is doing the span, we did all the configurations in a PA-200 but when we lunch brute force attacks or sql injection,  the logs shown

...

RCastro by L1 Bithead
  • 2073 Views
  • 3 replies
  • 0 Likes
  • 24286 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels