General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! PA-820 - Am I asking too much!

Hi,I've been asked to assess if PA-820s could be used to support a smallish MSP environment and as I'm new to the PA world (and indeed MSP network design) I'm hopeful some of you can point me in the right direction. I may be going about the design wrong so do say if you think there are better/relatively cost free ways to acheive the desired outc...

Generic Customer.png

Resolved! SSH2 Brute Force events in System Logs

Hi guys,I've noticed in my System logs that there are SSH2 brute force attempts against our firewall.Unfortunately nothing is listed in the Traffic or Threat logs under the Monitor tab to indicate from which zone the traffic is originating from.Why would this be the case and how can I enable logging for this in the Traffic\Threat logs to determi...

8.0 credentials phishing queries

Hello All, I have case where in client is having set up the user-id without agent on DC. As per the document says that with this set up the only protection feature available is "Use IP User Mapping" under URL-filtering. I am seeing that it is working partially. When I test the same with log in page on zoom, I am seeing that the URL log shows th...

apatel by L0 Member
  • 2429 Views
  • 1 replies
  • 0 Likes

URL Filtering - Block-Continue On Embedded URL

As a rule we present the "Continue" response page to users for potentially time wasting categories such as streaming media. This works fine, although we have instances where some videos are embedded into other web pages. In these instances the browser does not display the block/continue page, just a generic browser error. We don't want to allow ...

SARowe_NZ by L3 Networker
  • 4017 Views
  • 1 replies
  • 0 Likes

Resolved! SSL Forward Proxy Decrypt Performance Experiences on 5060

Greetings, My company is planning to migrate from an inhouse MS shop to a Office365 based one. We will be using Ofiice365 to provide access to applications like email, LYNC, and Sharepoint. In order to enforce internal security policy, I need to decrypt all of the connections that originate internally to Office365. The decryption is needed for t...

j.silva by L1 Bithead
  • 3196 Views
  • 1 replies
  • 0 Likes

Resolved! Max number of DHCP servers?

Hi all, I have a PA-220 with PAN-OS 8.0.6. I run multiple VLANs on it and have configured 5 DHCP servers on 5 different VLAN interfaces. Now I'm wondering why this setup even works because when I read the PA-220 feature overview it says that only 3 DHCP servers are supported on this device.See "Address Assignment" on https://www.paloaltonetworks...

Resolved! Disabling SSL Decryption not working

Hey everybody!After watching all tutorials and reading all PAN's walkthroughts, I still fail to disable the SSL Inspection (decryption) on all of the outgoing (or any..) traffic. This is my decryption profile:*Rest tabs are default. This is my Decryption Policy: *My Security Policy is just any,any,allow (nothing special) and my traffic is never ...

Capture.PNG
Capture.PNG
Capture.PNG
Capture.PNG

Resolved! Firewall Policy

I am working to configure our new Palo Alto Firewall. In the policy section, I have configured one policy to allow RDP service (3389) using souce & destinaion IP address (Rule-20) and configured another rule (Rule-50) to deny all traffic. Below is the summary of config- Rule-20:Source IP: 192.168.10.20Dest IP: 192.168.15.20App: RDP (3389)Ac...

meshbah by L1 Bithead
  • 4746 Views
  • 5 replies
  • 0 Likes

Resolved! Inter-VR-Routing from Branch Office

Hey all!I am working on a Inter-VR Routing issue and would ask you for some input, how's a best practise..In Headquarter we have two VR's (2 Internet Routers), to reach the old official IP's there was build a DMZ2, which is in the secoundary VR ISP2. With the route in the default VR, which i say the /24-Network in this VR goes in Next Hop to VR ...

routing_rudolstadt.gif

One configuration for multiple sites

We are trying to deploy the PA 220 at multiple sites. The firewall will be facing an outside internet connection protecting a production server. Objective 1 is to create vpn accounts for specified users and machines (using MAC addresses) to control access, Objective 2 is to block ALL other traffic (incoming/outgoing) Objective 3 Create a c...

ddocksta by L0 Member
  • 5038 Views
  • 2 replies
  • 0 Likes

Resolved! Layer 3

I am getting ready to set up our firewall at our commany. I have done the free learning curriculum and what I learned was information but it didn't prepare for my first steps totally. I understand that the basic required properties when setting up a Layer 3 interface is: type, virtual router, security zone..I am going to be setting our interface...

Populate Dynamic Address group via XPATH

Hi, Has anyone succeeded yet in populating a Dynamic Address Group with IP addresses using XPATH?(API can use 2 methods: an XML file or all info included in one command via XPATH).Idea is to integrate with Infoblox, which only understands XPATH. Thanks

How to block sites where to buy/sell crypto coins

Hi, I'm getting the question of the management to block all sites that are dealing with selling or buying crypto coins.They are getting tired of it that lots of employees are wasting time to check there crypto coins all the time and buy and sell them.Is there a way to block this in the firewall? I'm afraid that all of these sites are in the cate...

ZEBIT by L3 Networker
  • 5950 Views
  • 6 replies
  • 0 Likes

Resolved! How to allow RDP with specific port.

Good day. I am new in handling firewall. We use juniper before (i did not setup). Before we can remote access (remote desktop protocol) our network. I would like to setup that kind of connection again. Before on the remote desktop connection, we just put IP Address:port number + domain account (authentication). How to setup like that? Thank you....

Change filename of custom report file

Is it possible to change the underline part of this file ? 11-20171213DailyDroppedThreats.csv. I am trying to automate some data collection and the beginning number "11" seems random to me.

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels