General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 260 Views
  • 0 replies
  • 1 Likes

Resolved! Management CPU keeps 100% usage

Hi experts,

 

We are using PA-2020 in our environment and its firmware version is "4.1.6"

 

PA-2020 was working smoothly but now it appears very slow process when we click commit action. We have searched and followed many reference such like 1) disable e

...

2018-01-10_141253.jpg

Modify application

One of the applications (a default one in the Palo Alto) sometimes connects over an other port than the defined standard port for the application. Since I defined the plicys service as 'application default', this traffic gets blocked.

 

Its the applica

...

Sjoerd by L2 Linker
  • 3162 Views
  • 3 replies
  • 0 Likes

Resolved! Difference between pkts/sec vs conns/sec

Hi All,

 

In Zone Protection Profile, a unit of rate changed from packets/sec to connections/sec when I upgrade into PAN-OS 8.0.

It sounds defferent thing, though is this only changes on GUI and nothing changes on this feature, I mean way of counts is s

...

71.png
80.png
emr_1 by L5 Sessionator
  • 2913 Views
  • 1 replies
  • 0 Likes

Recommened PAN-OS as of April 2017 (Q2)

What PAN-OS are people running these days? I am currently 7.0.8 and it is time for the care-and-feeding of the firewall code at my company. I am looking at upgrading to 7.1.8 (but 7.1.9 just came out today).

 

I do not use any SSL Decryption features.

...

rpugh1 by L0 Member
  • 2176 Views
  • 3 replies
  • 0 Likes

Resolved! BGP filtering question

Hi

 

Quick question, pretty sure I know the answer.

 

But I want to redistribute some of the OSPF routes I have into BGP.

So I create a redist profile, say the source is OSPF

 

then I can use the BGP export filtering to stop what I don't want out.

 

So lets s

...

Proxy ARP

Hi

 

I have a 5220 in the DC and a 850 in the office

On the 5220 I have an interface onto network 2.7.3.0/24
On the 850 I have a NAT for 2.7.3.129/32
the 5220 get this via OSPF

How can I make the 5220 response on the interface 2.7.3.0/24 for arp requests f

...

OSPF and Cisco Routers

Greetings all,

 

I was doing some Core routing work during an outage this last week and ran into a repeat of some issues we had when we initially put our PAN boxes in to place.  The original scenario:

 

  • A subinterface existed on the Palo Alto with the ta
...

jsalmans by L4 Transporter
  • 5092 Views
  • 2 replies
  • 0 Likes

Resolved! NAT Security rule

I'm used to working on Cisco ASA and I'm having a hard time understanding why the security rule states Untrust-L3 for both the source and destination zone. Typically wouldn't that be Untrust-L3 to DMZ? Is there a specific reason for this behavior?

 

 

Screen Shot 2018-01-06 at 6.57.18 PM.png
Glitchen by L0 Member
  • 2071 Views
  • 2 replies
  • 0 Likes

DNS proxy not working

Hello,

 

We are currently getting resolve-fail events for DNS. 
Failed to resolve domain name: after trying all attempts to name server(s): 8.8.8.8 8.8.4.4
DNS server is in loopback.2 Interface/Untrust/IP:203.44.x.x
 
Below are some pics of DNS proxy setti
...

sessiondetails.jpg
DNS Proxy.jpg
Farzana by L4 Transporter
  • 4771 Views
  • 3 replies
  • 0 Likes
  • 23628 Posts
  • 107 Subscriptions
Top Liked Authors
Labels