General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 14564 Views
  • 1 replies
  • 4 Likes

7.0.3 upgrade

I am planning on upgrading the PA 5050 os from 6.1.7 to 7.0.3. I have been reading over the changes and I think it would be beneficial to see examples instead of description of what changes are , anyone have any recommendations

jdprovine by L4 Transporter
  • 6286 Views
  • 27 replies
  • 0 Likes

Resolved! Block Vpn

Hi,

How to block ssl vpn and  ipsec vpn going from trust to untrust .

 

I suspect few users are using  like free vpn services like  tunnel beer and hola vpn .

 

How can i  search those users  from palo alto log.

 

Some users are connected from inside

...

sib2017 by L4 Transporter
  • 1446 Views
  • 2 replies
  • 0 Likes

PA doesn't cover DROWN Attack?

A customer has been warned about DROWN attack (https://drownattack.com/) on one of its servers. As a server is behind PA I thought there was no risk. But searching through signature database I didn't find anything about DROWN attack. I've also checke

...

santonic by L5 Sessionator
  • 3662 Views
  • 8 replies
  • 1 Likes

Resolved! Multiple PBF probes?

We would like to configure PBF to failover when several conditions are met. For instance, if we can't ping our next hop AND we can't ping some public server(s). The idea being, while our next hop might be pingable, there may be a routing issue in the

...

cburke by L1 Bithead
  • 1841 Views
  • 5 replies
  • 0 Likes

UserID instances

I would like to know if we can use the same UserID agent software for 2 domains in different windows machines. If we cant do it, we need to know if we can run 2 diferent instances of UserId agent in the same windows machine pointing to 2 different do

...

"Unusual traffic from your computer network"

Hi,

Users are often getting the message from google and they are forced to enter captcha  "Unusual traffic from your computer network",when i check palo alto it seems very normal . 

Is there a way to classify  or monitor the users who really sending

...

sib2017 by L4 Transporter
  • 6505 Views
  • 1 replies
  • 0 Likes

Resolved! Can we tweak a vuln threat sig settings?

I'm looking to tweak the "40015 SSH User Authentication Brute-force Attempt" which currently fires at 20 ssh attempts within 60 seconds - I'm looking to increase that 20 number. For some reason I can't think of how to easily tweak it right now... may

...

ulti by L3 Networker
  • 3479 Views
  • 2 replies
  • 0 Likes

Software packet buffer depletion

We're currently observing something quite interesting:
On our highly oversized PA-5050 firewall, software packet buffer 0 is, for several hours a day exhausted.

 

This is the platform (pair that runs in High Avalailability A/P):
family: 5000
model: PA-5

...

Dulle by L2 Linker
  • 4692 Views
  • 6 replies
  • 0 Likes

Resolved! OSPF with redundant route

Hello.

Currently we use OSPF as our routing protocol between five locations over a layer two IP Ethernet network provided by telco A. In order to get carrier diverse routes and add redundancy we are adding a second similar network provided by Telco B

...

ldavie by L2 Linker
  • 2306 Views
  • 3 replies
  • 0 Likes

Resolved! Multiple Addresses in the same ethernet interface

Hello everyone.

 

I need to publish 2 webservers (192.168.23.10 and 192.168.23.11), both located inside my LAN (trusted zone) through 2 different public IP addresses (200.111.111.114 and 200.111.111.115). This is the configuration:

 

admin@PA-500# sh...

adiazm by L1 Bithead
  • 10670 Views
  • 3 replies
  • 0 Likes

Resolved! Block google accounts

Hi,

can You help with following question?: In my policies i want allow google base searching, but do not allow google accounts,or google apps.

Top Liked Authors