General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

No Information on Core0 and Core3 - PA 220

Hi everyone, After reading the topic "How to Troubleshoot High Dataplane CPU", I realize that my PA 220 got no information on Core 0 and 3. Anyone meet this case ? If this is an error, I need to open a support case ?Thanks in advance for your help. Best regards,Mr. Tuan

resource.JPG
natuan by L0 Member
  • 2846 Views
  • 2 replies
  • 0 Likes

Resolved! CLI output filter

Hello,I would like to know if there's way how to "chain" multiple variables after pipe in some command to filter the output, something like:<command> | match <param1>|<param2>For example:show running security-policy | match index|source|destination|application I tried to play around with quotation marks, brackets and so on but ...

User-ID Configuration multiple different domains

Hello ; We have configured Captive Portals with LDAP on a Windows Server and it works perfectly fine but now we have planned to add another different domain in LDAP & User-ID configuration but we have some problems which indicates access denied. After running the command less mp-log useridd.log it shows the following response on the end of l...

Ghafar by L1 Bithead
  • 11813 Views
  • 8 replies
  • 0 Likes

Resolved! How to create multiple policy objects using Panorama

Is there any quick way to configure multiple policy objects on Panorama? especially looking to configure hundreds of fqdn objects to push them to firewalls managed through panorama so using GUI is quite a lot of work. e.g. for standalone PA, it is quick using CLI commands

Migration of Palo Alto VM series from one host to another

Two PaloAlto Virtual appliances has been deployed in HA mode on Customer site. Device models: VM-200We plan to migrate the virtual firewalls to another host via VMWare Vmotionfeature. Issue is: the status of licenses of the firewalls. We have information that the licenses will be lost in that case. What is essential to do to recover remove...

Radmin_85 by L4 Transporter
  • 5245 Views
  • 2 replies
  • 0 Likes

Traffic flow

Is there a good way to determine if the traffic flow through you firewall is optimal and the most efficient?

jdprovine by L4 Transporter
  • 6352 Views
  • 8 replies
  • 0 Likes

Active/Active HA with OSPF is dropping packets when innactive member becomes active

I am seeing an issue where upon pulling the plug in an active/active setup, OSPF does it's job. A few packets are lost but it is within an acceptable range. My issue stems from when the innactive member comes back online and joins the HA. I can't confirm this, but it feels as if the OSPF routes are coming up before the FW services are ready t...

ImBatman by L1 Bithead
  • 4399 Views
  • 4 replies
  • 0 Likes

Resolved! Outputs Limit! Service restart loop @ 30+

So the title is a slight misnomer.Have a dev server with 59 miners, 42 procs, and 32 outputs, works fine.Have a prod server with 58 miners 41 procs and 29 outputs, does not work fine. The two devices are set up with "identical" configs the dev server having a few extra test nodes.On the prod box, as soon as I add a 30th output node the service g...

0isac0 by L1 Bithead
  • 6047 Views
  • 5 replies
  • 0 Likes

Resolved! Security policy that permits traffic to any *.office365.com ?

I see there is an FQDN option for Destination Address when I create a security policy.I want to permit port 993 to any host in office365.com. Will it work if I just put office.comin the FQDN destination? Trying to put the * wildcard causes the widget to gray out theOK button. Thanks!

Resolved! Adding Address object to GlobalProtect split tunnel access route list

Hi. In the Palo Alto firewall, I've created a new Address object with the type set to FQDN and with a valid DNS record. Saved and committed the change. Then I try to add this newly created address object to the access route list in the GlobalProtect's split tunnel list (we using split tunnel for the VPN connection). However, I am not seeing...

Block outbound NTLM auth

With CVE-2018-0950 from Microsoft, if an outlook user clicks on an OLE object in an RTF email, the client will send credentials try to logon. Our security group is quite concerned about this. While allowing ports 445, 137 and 139 out to the internet is a really bad idea, they want to make sure that it is explicitly blocked. Is the application "m...

Resolved! Antivirus Dynamic Update fails PAN-OS 8.1.0 Cluster

Hi Community, I have a PA-850 Cluster with PAN-OS 8.1.0 and a valid Threat license.The active firewall is configured to download and install antivirus updates and sync them to his peer. Unfortunately, the update failed lately, so we were 4 days behind the current versions.After manually using "check now" the new updates were found without proble...

Chacko42 by L4 Transporter
  • 15380 Views
  • 10 replies
  • 1 Likes

Resolved! Disabling Indicator Expiration

@lmori, thank you for your help so far. I am migrating my data to the "stdlib.localDB" miner, per your suggestion here. I have two questions now: First, I noticed that the default expiration for indicators added to this miner is just one day. How can I change this to one year? What about disabling expiration by default? Second, I am trying to pu...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels