General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Impossible? List unused Addres Objects?

I assume there is no report to list address objects that have not been used Ones that may or may not be in rules, relate to long dead or incorrectly entered endpoints, that have not generated any traffic. I have seen the "Shared_dup_and_unused... script, but don't think that gives me the desired result. Unless someone has something already, I th...

Policy Rules for BFD, OSPF , DHCP and DHCP relay

Hi So do I have to setup policy rules to allow OSPF, I have OSPF on the PA . But when i don't have the rules in place OSPF fails, when i have them it doesn't log anything DHCP, do I need it if the PA is running DHCP. what is the source and destination ? DHCP-relay, source is the input zone and the destination is the dhcp server I am relaying to...

Looking for maximum cps made by the firewall since last reboot

Hello All, I understand that there is show session meter, show session id and also show system statistics session But I would like to find out how many maximum connections were made in a second, since my firewall last rebooted. I am looking for a number, which tells me what is the maximum connections my firewall made in a second since it reboote...

SuryaR by L3 Networker
  • 2136 Views
  • 1 replies
  • 0 Likes

Rules with schedules failing intermittantly

I recently upgraded to OS 7.1.15 on my PA 5050, I have two rules with schedules on them and have had for over a year. In the traffic logs it was showing the traffic going back and forth between denying and allowing the traffic. When I removed the schedules they worked with no issues. Any ideas what could be going on?

jdprovine by L4 Transporter
  • 4981 Views
  • 10 replies
  • 0 Likes

Captive portal - how to logout?

Hello I need to do changes to my CP settings. Now I have CP in redirect mode and everything is OK. I have task to setup few computers in library that will allow our students use internet - but after logon. This part is easy ... but students need it for short time, and new one would use same computer (I can ask to shutdown browsers every time th...

_slv_ by L4 Transporter
  • 5274 Views
  • 1 replies
  • 0 Likes

multiple user-ip-mapping sources

I recently configured windows user-id agent and have it in conjunction with agentless user-id. Can I have both running on the firewall as a redundancy?or should I remove agentless config?will it create any harm if I keep both running?

Resolved! User activity report Query

Hello, I go to ACC tab -->Onleft side select the time frame --> Network Activity -->User Activity --> Export to PDF 1) User activity report when it is pulled it shows Source User and destination User. What is that destination user means? 2)Under Destination IP activity tab, once the report is pulled it shows the destination IP's but ...

Farzana by L4 Transporter
  • 2610 Views
  • 1 replies
  • 0 Likes

Check GlobalProtect VPN users with PowerShell GUI

I wrote a simple PowerShell GUI script that can check for GlobalProtectVPN users connected currently, or at a past date.It uses the Rest API to grab the information. Not sure if anyone would find it useful.Here is the Github link: https://github.com/marcusit/PaltoShell

paltoshell
molander by L2 Linker
  • 15833 Views
  • 15 replies
  • 2 Likes

Resolved! Wildfire Activity?

Hi folks, We have a Wildfire public cloud subscription, dynamic updates, and security profile configured.I've been asked, "How do we know it's doing anything?". When I look at Wildfire submissions, the last submissions are from January and end of last year.I am looking at this article and our settings, I don't think our's looks correct. Our Fil...

wildfire2.jpg
wildfire1.jpg
OMatlock by L4 Transporter
  • 3586 Views
  • 4 replies
  • 0 Likes

DAGPusher - Questions; API Key? How to specify what Dynamic address group object to apply IPs to?

Regarding DAGPusher Output node. I don't mean to hit anyone with a firehose but I have several questions I'm having trouble finding the answers to regarding the DAGPusher Output node in MineMeld. It's my understanding this node will allow MineMeld to add IPs to a Dyanmic Address Group object on a PA. Is there any documentation for this modul...

PA-User by L1 Bithead
  • 7496 Views
  • 5 replies
  • 0 Likes

DAGPusher new setup

Hello, I finished the setup of DAGPusher and DAG in Panorama. The list of indicators is populated in the MineMeld DAGPusher but my DAG in Panorama is not populated. In the MineMeld logs I can see following: 2018-02-23T14:18:23 (17217)dag._device_pusher_died ERROR: dagPusher-LIST - exception in greenlet for 10.10.10.10, respawning in 60 seconds...

pverar by L1 Bithead
  • 11630 Views
  • 10 replies
  • 0 Likes

Resolved! Custom URL matching on wrong URLs

Hi, I have a security rule that's supposed to be only allowing traffic for URLs in a custom URL category. However, it appears that it's matching lots of other URLs that aren't in the category. Below are some screenshots. I'm running v8.0.6. Let me know what other info you might need and what I'm doing wrong. Thanks. Matt Security rule showi...

mprintz by L2 Linker
  • 11840 Views
  • 13 replies
  • 0 Likes

Resolved! Verify SSL and SSH Inspection

Hello everybody.I am using the SSL Inspection over HTTP (HTTPS) service on our office GWs. I know how to set up rule bases and configure my Decryption Profile well. I have read PAN's documentations and watched a tutorial about how to configure a SSL Inspection over other desired protocols, such as SMTP/IMAPS etc. I've come to conclusion that I c...

  • 24400 Posts
  • 123 Subscriptions
Top Solution Authors
Labels