General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

User-ID Policy not being used

We have an agentless User-ID setup. Firewall is able to pull user accounts from the AD. User-ID based policies were created on top of IP-based policies. However, some user traffic can be seen using the User-ID based policies, some users can be seen using the IP-based policies. This happens on all of my sites. Is this a normal behavior? Or is there...

Resolved! Subinterfaces and Policy based routing

Hi, so I've configured a new L3 subinterface on an existing L3 interface, both with IP addresses and I thought it was going to work. I've got a PBR rule in place on the previous hop, a HP switch, which diverts some traffic to this new subinterface. I can see the selected traffic allowed out from the Palo's traffic monitor logs but, from the clie...


GlobalProtect Certificate auth debug

Could anyone please advise a good way via CLI to debug certificate authentication? I have followed most of the log files but cannot find one related to GP authentication. Many thanks in advance...

Mick_Ball by L7 Applicator
  • 2481 Views
  • 1 replies
  • 0 Likes

API - list just device groups in panorama

Hi All, does anyone have any idea how to list just the names of device groups in Panorama using the API? If I do the following path: https://mypanorama/api/?type=config&action=get&key=<my key>/config/devices/entry[@name='localhost.localdomain']/device-group it lists the complete configuration of all the device groups. Thanks for a...

Harshit by L3 Networker
  • 3437 Views
  • 1 replies
  • 0 Likes

Managing single pair of VM firewall with and without Panorama

Hi Palo Alto Community, I wanted to ask what are the pros and cons of not using a Panorama for managing a single pair of VM-300 firewalls. From reading documentation etc., the main benefit of Panorama would only be if this was a distributed deployment managing 10s or 100s of firewalls. If in this case it was only 2 VMs to be managed a Panorama...

Resolved! How does the PFS Inbound Inspection work?

Hello Team, I am wondering how exactly the Inbound Inspection with PFS works? Diffie-Hellman per definition has the functionality that a key agreement is happening without transferring the key through the "unsecure" channel. All passively listening instances are not able to determine (calculate) the key used for the encryption. Well with this inf...

tisc by L1 Bithead
  • 3931 Views
  • 1 replies
  • 1 Likes

GlobalProtect - MacOS Support for Unscoped DNS Lookups

I am running Global Protect 4.0.3 and everything is working successfully with Windows devices. When DNS requests are made for the search domain "foobar.com" they are directed at the internal DNS servers defined within the GP Client Configuration and the requests are sent down the tunnel to internal DNS servers. If it is for any other domain lookup...

Impossible? List unused Address Objects?

I assume there is no report to list address objects that have not been used. Ones that may or may not be in rules, relate to long dead or incorrectly entered endpoints, that have not generated any traffic. I have seen the "Shared_dup_and_unused... script, but don't think that gives me the desired result. Unless someone has something already, I th...

Policy Rules for BFD, OSPF, DHCP and DHCP relay

Hi, so do I have to set up policy rules to allow OSPF? I have OSPF on the PA, but when I don't have the rules in place OSPF fails; when I have them it doesn't log anything. DHCP: do I need it if the PA is running DHCP? What is the source and destination? DHCP relay: source is the input zone and the destination is the DHCP server I am relaying to...

Looking for maximum cps made by the firewall since last reboot

Hello All, I understand that there is show session meter, show session id and also show system statistics session. But I would like to find out how many maximum connections were made in a second, since my firewall last rebooted. I am looking for a number, which tells me what is the maximum connections my firewall made in a second since it reboote...

SuryaR by L3 Networker
  • 2130 Views
  • 1 replies
  • 0 Likes

Rules with schedules failing intermittently

I recently upgraded to OS 7.1.15 on my PA 5050, I have two rules with schedules on them and have had for over a year. In the traffic logs it was showing the traffic going back and forth between denying and allowing the traffic. When I removed the schedules they worked with no issues. Any ideas what could be going on?

jdprovine by L4 Transporter
  • 4949 Views
  • 10 replies
  • 0 Likes

Captive portal - how to logout?

Hello I need to do changes to my CP settings. Now I have CP in redirect mode and everything is OK. I have task to setup few computers in library that will allow our students use internet - but after logon. This part is easy ... but students need it for short time, and new one would use same computer (I can ask to shutdown browsers every time th...

_slv_ by L4 Transporter
  • 5267 Views
  • 1 replies
  • 0 Likes