General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Best Implementation of PA 8.0

Dear All Expert,

Do anybody can share Best Implementation of PA-8.0 ?
https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777 


Best Regards,
Chhayheng

Resolved! Cannot access PA-200 via Console

Greetings all,  I have a PA-200, there it was previously configured and it was stored for long time, we wanted to reuse it, however, I cannot access it via console, when I connect to it nothing there in Putty just black screen. here is what I have: C...

mfkoko by L1 Bithead
  • 10308 Views
  • 8 replies
  • 0 Likes

dismiss global protect download link From GP Portal

hi Guys,

 

well, i m running on version 8.03 and have done all necessary clientless configuration but one thing is a bit weird to me.

 

-  Once a user log in  via the Portal,  he is able to use or see  the GP download link, has anyone any idea on how to

...

big_Gilo by L2 Linker
  • 1831 Views
  • 1 replies
  • 0 Likes

FTP weird behaviour

Hi,

 

We realised that our PA is doing something strange with FTP app

We have create and above rule (Servidores a INET 1). All our FTP connections involved should match this rule but we see connections which are jumping this rule and mathicng in another

...

policies.jpg
good rule.jpg
Bad rule.jpg

Skype for Business - Send files

Hi,

 

Having some issues with Skype for Business and file sending. When i have SSL Decryption on, I cant recieve or send files over SfB (Works when I turn it off).

Does someone know what URL`s i should add to the "NoDecrypt" url list to make it work?

JoneSkj by L1 Bithead
  • 2322 Views
  • 4 replies
  • 0 Likes

Resolved! DHCP Clients Not Getting IP From ISP Router Thru VWIRE

Hi All,

 

I may be missing something but wanted to check with you all.  I have a network with a PA-200 (vwire) between a FIOS router and a Netgear Layer 2  switch.  I also have WAPs connected to the switch.  The FIOS router is providing DHCP address to

...

GlobalProtect & User-ID

Hello,

 

I am trying to find some information on how to configure GlobalProtect with User-ID but haven't been able to. What I am trying to do is to enforce a new policy where when some of the users, who have laptops that aren't joint to the enterprise

...

GlobalProtect HIP not identifying products.

Hi.

 

I have two different HA-pairs with GP VPN configured on them. I'm trying to get HIP to work on the client, but I'm running into issues.

 

First issue is there are a number of applications we're checking for including Dell Kace and Comodo AV Suite a

...

Migrating FW HA Pairs from Panorama -to- Panorama

Due to some organisational restructuring a requirement has come about to migrate existing FWs which are managed and associated to Panorama-A  over-to  Panorama-B with minimal amount of pain or change in terms of policies.

 

So essentially Panoram-B wil

...

nawaza by L2 Linker
  • 1196 Views
  • 0 replies
  • 0 Likes

Group Mapping

 

Included Groups under Group Include list showing full LDAP distinguished name. Would someone be able to advise how to configure a firewall to display "DomainName\GroupName" instead? 

 

Thank you

Marek

 

 

 

Incorrect URL Category Displaying In Syslog

Hello,

 

Since we have enabled Insufficient-content (PAN-DB) as a URL category a few weeks ago, some of these URL category logs are displaying in Syslog as an old Brightcloud category called Unconfirmed-Spam-Sources. We have not used Brightcloud for ye

...

Rags by L2 Linker
  • 1631 Views
  • 0 replies
  • 0 Likes
  • 24296 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels