General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Hardening the security rule for service ports

Hello Experts

 

In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I

...

Resolved! Configuration Management

Hi,

I have a further question:

I don't understand the configuration management yet.

The option "Revert to last saved configuration", what does that mean?

When is a configuration saved? Every time I commit ? Or only manually?

 

Maybe I have done changes on

...

MPI-AE by L4 Transporter
  • 1627 Views
  • 4 replies
  • 0 Likes

Route check on PA firewall - Longest match not there??

Hello Experts

 

 

I want to check which route is matching for some host IP like 10.155.7.33, so I can check the outgoing interface and destination zone for policy lookup. When I run the command “show routing route destination 10.155.7.33/32”, it is show

...

Resolved! Captive Portal - Source Untrust

Hi everyone, I have a Web Server and i want login users with a Captive Portal,

can I use the CP with Source Untrust to DMZ (where is my Web Server)?
its recommended?

Thanks a lot

Matt.

MineMeld - CSV input feature

Hi all,

 

Firstly, great work on MineMeld - it is fantastic!!! I have it working great for dynamic IP lists and AF export lists, but our customer would like to import Indicators from CSV. It doesn't look possible with current class/prototypes. Any su

...

tkirk by L1 Bithead
  • 15812 Views
  • 14 replies
  • 0 Likes

User ID agent

Hello, 

 

I am integrating User ID agent on a multi domain invironment. 

I have around 14000 users total. What are the System requirements to spin a VM machine where I will install the User ID agent.

to be specific, my client is asking what is the amount

...

Kaliman by L2 Linker
  • 1100 Views
  • 1 replies
  • 0 Likes

Resolved! Install problem

Hello -

 

We are new to MineMeld, we are following the install process given here: https://live.paloaltonetworks.com/t5/MineMeld-Articles/Running-MineMeld-on-VMWare-desktop/ta-p/72038

 

At step 6 the initalization process fails with the message 'ERRO

...

paul_w by L2 Linker
  • 4893 Views
  • 6 replies
  • 0 Likes

Resolved! DNS in global protect vpn

Hello Experts

 

In global protect configuration, I provided the DNS IP. After VPN connect, I have two DNS, Physical card DNS and global protect vpn provided DNS. My question is that what DNS would be used for DNS queries for internet and for traffic th

...

Resolved! Best Security Firewall review

Ok, I heard that palo alto does have a service that will review a firewall configs to make sure the Best Practices and Security Practices are being down. If this is true what is the service call and has anyone use this service ?

 

 

Resolved! IP for portal and gateway in global protect

Hello Experts

 

Can I use different IP for portal and gateway other than IP assigned to external interface of firewall? Should I need to assign this IP also to external interface of firewall or no need?

 

Regrds,

 

GR

Panorama Audit Logs

Hello Experts

 

I am using Panorama to push configs to firewalls. But the problem is that there are alot of users, doing configuration but in audit logs of Panorama, it is showing config by <user> thats it. I would like to see what actual changes/comma

...

Wildfire .docx

Hi,

 

i am testing wildfire at the moment for forwarding .doc, .docx and EXE Files to the wildfire cloud.

 

This is my rule:

 

 

But it seems, that only .doc and .exe Files are forwared to the cloud (first Forward but then upload skip because the cl

...

WF Rule
DF Log
iweltag by L2 Linker
  • 3483 Views
  • 10 replies
  • 0 Likes