General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Failed commiting config from Panorama

Hi, We have a Panorama with several FWs managed. We commited the config but in one of these FWs was failed.Looking in panorama we see that this device is out of sync (in templates and shred policy). how can i force this commit?? or to have any reason for this fail??. I dont see any error or how to investigate....

Integrate with MISP

Hi all, Do you know something sample about integration with MISP (Malware Information share platform)??? So another question is about scripts, can I launch a script into conifg a new prototype? If I've created a new prototype I set a url option...can I set the url option for script option???? Thanks a lot

SantiBT by L2 Linker
  • 23286 Views
  • 19 replies
  • 0 Likes

Ignore all Computers from xmlapi mappings

Hi Everyone,I am trying to intergrate clearpass with Palo alto using xlampi, all was going well however i struck a problemIn clearpass i have two types of users that are autheticating, domain joined machines (which authenticate using "compute authentication" and i also have byod users that authenticate using user based ad authetication.so when a...

Resolved! Troubleshooting SSL decryption failure of a website

Hello. We are using panOS 8.0.7 , Pan-DB URL filtering, and SSL decryption. We are K12 education and use many Chromebooks in the organization. We are trying to use a system called Clever to have our students log into their Chromebooks by scanning a QR code. The problem is I cannot get the program to work. (https://clever.com/) I know the issue ...

dannon by L3 Networker
  • 12493 Views
  • 10 replies
  • 1 Likes

Clear Policies, Rules, Configuration without Factory Reset

Hello Community, Can someone please let me know if its possible to clear the PA-VM of all Security Policie, NAT rules, configuration, logs etc without issuing the command: request system private-data-reset This command requires that I re-install the license when all I want to do is clear the configuration etc. Thank you

Resolved! GlobalProtect client issues with Windows Hello login - Windows 10

Hi all, we've recently started using GlobalProtect but when using the client on my devices I've noticed an old issue that I first saw quite a while back during testing, wondering if anyone else has experienced it or has a fix? I run Windows 10 (1709) on my laptop using fingerprint login via Windows Hello. The functionality worked reliably until ...

hcnsgxs by L0 Member
  • 17947 Views
  • 4 replies
  • 0 Likes

Global protect username tags

Hello all, I use RADIUS server for authenticating GP users. Is there a possibility to read tags sent by RADIUS server associated with user groups and palo could allow/deny specific users?

Palo alto traffic shaping

Hi, I have the below topology . video conference device is connected in distribution .All the devices are cisco . Actually I want to prioritize and reserve 10 mb for the vc .Marking the vc network as real time will help . I have never seen the dataplane going high in palo alto . The real congestion is facing at internet router .In that ca...

Traffic Shapping.png
simsim by L4 Transporter
  • 7303 Views
  • 9 replies
  • 0 Likes

Resolved! Spectre / Meltdown vulnerabilities - why are default actions set to 'alert'

Specifically for: 38407 (TLS Network Security Protocol Information Disclosure Vulnerability - ROBOT)31127 (Multiple CPUs Side-Channel Information Disclosure Vulnerability - Spectre - Meltdown)30276 (Multiple CPUs Side-Channel Information Disclosure Vulnerability - Spectre - Meltdown) action is to 'alert' only. The last two vulns are severity 'c...

Resolved! Zero indicators in inboundfeed

I am trying out minemeld and I started by adding miner (zeustracker.badips) and removing the default dshield and spam nodes. Before removal inbound feeds were showing subnet ranges/indicators. After removal there is not a single ip. processor shows RX count and PROCESSED count but output is all zero. Am i doing something wrong?

raji_toor by L4 Transporter
  • 6886 Views
  • 3 replies
  • 0 Likes

Network Outbound baseline.

I need to provide a baseline of allowed traffic outbound for a period of time. So to list Client -> External Server [ Port/Application ] Is there a report on the PA-3020 that can be crafted to do this Thanks Rob

Overlapping entry in custom url lists

I have 2 custom url categories. One as whitelist and other as blacklist. I am in the situation where I have *.youtube.com in allow list and needed to block tv.youtube.comI added tv.youtube.com to blocklist but the firewall is still taking *.youtube.com and allowing it. I donot want to remove *.youtube since there are many links that should be al...

Resolved! How to allow GRE protocol 47 through Palo Alto FW?

Dear Friends, I'd be grateful if you could help me with this ... I'd like to allow GRE traffic (protocol 47) through my Palo Alto FW. I want to allow all the GRE traffic through and not terminate a GRE tunnel on the PA itself. Appologies if this is simple, please can someone point out how I can do this? Do I need to create a FW policy to allow G...

Jedi_D by L2 Linker
  • 9437 Views
  • 3 replies
  • 0 Likes

Firewall with Vsys in Panorama

Hello We are managing a several firewalls with single vsys with our M500 Panorama. Now we will be adding a new PA Firewall with multiple context to panorama. So the question is: What is recommended 1. Should we first add the firewall in panorama and then turn on multiple mode? 2. Turn on multiple mode first and then add it in Panorama? Any recom...

  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels