General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 433 Views
  • 0 replies
  • 2 Likes

PAN 5250 routing question

Hi guys, new with PANs but not with firewalls.  Replacing our older Cisco ASAs with PANs and have a design question for larger installations (about 10,000 simultaneous users).  We currently route our wireless traffic with two pairs of Cisco 6500/sup2

...

Resolved! URL DB recategorization

Hello ,

We are currently using Panorama 5.0.11 Version .

Most of the website is blocking due to this version .

We have already requested brightcloud to recategorized the URL to new one .

But still we are facing the issuue.

Like widma.com coming to Adult a

...

tiwara by L3 Networker
  • 9445 Views
  • 8 replies
  • 0 Likes

Box - Control access

We are discovering more and more companies are using EFSS (or just FSS) solutions like Citrix FileShare, Box, OneDrive, Google Drive, and even Dropbox to share content.  We have had a blanket deny policy for a long time so as to prevent using one of

...

Resolved! Reached max allowble probes

Users have no access.

 

[Debug  988]: Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.  Probing 40 IPs, list contains 117 entries
Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.

...

Resolved! Can PA-200 or PA-500 be infected with Win32/Hupigon?

I had a puzzle today from my ISP suggesting that they are receing traffic infected with Win32/Hupigon from the management interface of my PA-200s and PA-500s. I don't route user data through the management interface. So, is it really possible that PA

...

bokeke by L0 Member
  • 1912 Views
  • 1 replies
  • 0 Likes

Resolved! GRE traffic being dropped by PAN

Hello,

 

An internal host is attempting to establish PPTP tunnel connection with an outside Internet host. The internal host accesses the Internet over NAT (actually PAT) on firewall's outside IP address. There was no issue with PPTP (TCP 1723) connect

...

Farzana by L4 Transporter
  • 4622 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID and child domain Global Catalog server

Hi,

 

I have a deployment question in regard to User-ID and multi domain.

 

If we are trying to pull group mappings and have user ID setup only on a child domain server through GC LDAP,  the user credentials used to login and thus pick up with the userid

...

Davyboy by L1 Bithead
  • 5077 Views
  • 3 replies
  • 2 Likes

Filtered OSPF

I would like my PAN 5060 to learn one route from my OSPF infrastructure generally - but no others. The idea is that when this route is availalbe traffic would flow to the inside trusted interface of the PAN. But if that route drops out due to WAN cir

...

palomed by L3 Networker
  • 2395 Views
  • 3 replies
  • 0 Likes

SSH Brute Force and IP exception

I have vulnerability profile with action for High severity signatures as "alert".  I then configured an exception for SSH Brute Force (ID 40015) as "block-ip, src and dst (30 mins)". Everything worked well until we had issues for the systems exiting

...

NTLM authentication problems

Hello,

I`m trying to configure NTLM Authentification over Captive Portal for users in my network. I have PA-500. I set the next configuration parameters:

1. LDAP Server Profile

2. Authentication Profile

3. Authentication Policy (Authentication enforcemen

...

niitnn by L1 Bithead
  • 4337 Views
  • 8 replies
  • 0 Likes

Pan-OS 8.0 and PA-200

Has anyone upgraded a PA-200 to PAN-OS 8.0? If so have you seen a performance hit at all? Notice a difference in how long things take? Commits? Response time? How long did the upgrade take? Did it take the 50-60 minutes Palo says? If so is that sitti

...

JeffTQT by L2 Linker
  • 5592 Views
  • 8 replies
  • 1 Likes
  • 23698 Posts
  • 110 Subscriptions
Top Solution Authors
Labels