General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Best practice for windows 10 updates about QoS policy

Hi, all. Recently, one of our company's valuable customer request the solution about QoS policy. The customer's QoS policy was Application 'ms-update' Services 'application-default'This policy applied well in Windows 7 environment. However, the problem is Windows 10 envrionment.When the computers tried to update to Window Updates, this QoS rule ...

30 Day Trial License Expire

Hi guys,We have been used 30 Days trial ULR Filtering License so far.After 30 days, it means expired, We couldn't use it naturally.and I tought it may can use old db version-url filtering- even though It won't get any update information as like normal License. But it didn't happen like below traffic log It couldn't block any pages belong to in...

image.png
Kang_Han by L1 Bithead
  • 4721 Views
  • 3 replies
  • 0 Likes

Application issues Via VPN with Peer

Hi Guys, I need some help dealing with CyberAck over VPN. The problem is that I created and established a VPN with a remote peer for CyberAck traffic. Service is Any but application is default. Traffic is allowed via the firewall but I get an error (tcp-rst-from-server) on both sides or server and client. Cyberack uses TCP ports 4118, 4119, 4120...

GlobalProtect and Microsoft NCSI

When users are connected to GP they are unable to search online templates from both word and visio.it works OK when connected to LAN and we have a test policy that allows all outgoing traffic for myself and I still cannot search the online templates via GP. I think this has something to do with MS NCSI, as the VPN client has no default gateway. ...

Mick_Ball by L7 Applicator
  • 5208 Views
  • 3 replies
  • 0 Likes

How to configure PA with an MPLS circuit

I am looking for documentation on using MPLS with my PA 3050. I have found community article 59127 but was hoping for more information. We are about to aquire an MPLS circuit from our ISP for a remote office. The remote office will have seperate VLANS. The ISP will provide the MPLS routers. On the remote office end the router LAN interface will ...

Bvance by L2 Linker
  • 7646 Views
  • 2 replies
  • 0 Likes

Panorama Log Storage Calculation

Ok so I guess my logs dont even collect for 24 hours due to my log storage being about 7GB. Silly people who set this up I swear. So I am trying to figure out how much I do need. I have a PA-500, PA-820, PA-3050 (x2, they are HA pair) and a PA-3020. https://live.paloaltonetworks.com/t5/Management-Articles/Panorama-Sizing-and-Design-Guide/ta-p/7...

Resolved! Dealing with Threat Alerts?

Hi Folks, We have Critical Threat Alerts emailed to us and usually its every couple of days we get a few alerts, mostly Apache Struts Jakarta. But over the last 4-5 days there has been a significant increase in threat alerts. 60-100 emails per day, same IP address in groups of ~10. We are using default vulnerability protection profile and def...

OMatlock by L4 Transporter
  • 9223 Views
  • 11 replies
  • 0 Likes

Applications and their Risk Level value

How does Palo Alto classify the applications risk level? I am looking into general applications that are used everyday by lots of people that have Risk level 4 and the application research center gives me this: eventbritebusiness-systemsgeneral-businessbrowser-based Reasons are: 1 SaaS1 Transfers Files1 Used by Malware1 Vulnerabilities1 Widely U...

Resolved! Policy installation status

How to check policy installation status in panoram aor device. if i have installed the policy how to check other person when policy was install in palo alto firewall ?.

Abdhesh by L0 Member
  • 3263 Views
  • 1 replies
  • 0 Likes

Resolved! How do I white list an external IP address?

I have a known external Nessus scanner that scans my external network every weekend. Every Monday morning, I've got hundreds of alerts due to these scans. I do not want to disable the scan alerting in general because if anyone else scans me, I want to know, but how can I whitelist these few specific IP addresses so I won't get all these alerts? ...

Anyone ever use “internal host detection” on GP?

Hi, Anyone ever use “internal host detection” on GP? For some reason it does not try to do the test. I checked the GP services log and did not find an entry there. I am trying to force "enforce GlobalProtect for Network Access" when users are cocnneced to the internet. Thanks

junior_r by L3 Networker
  • 6430 Views
  • 13 replies
  • 0 Likes

Panaroma Managed Devices

Is there a way to see which managed devices have outdated signatures including release dates, for example - Wildfire, App and Threats and Antivirus?

  • 24392 Posts
  • 123 Subscriptions
Top Solution Authors
Labels