General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! GP Internal Host Detection not Working

To start off... I have already read this. https://live.paloaltonetworks.com/t5/Management-Articles/GlobalProtect-not-Detecting-Internal-Network-with-Internal-Host/ta-p/53681 I'll start off with the whole story. We have 2 ISP's, setup to our PA-500's using 2 VR's. One was setup for the DMZ Zone, with it's default out ISP 1. The Second VR was ...

Zewwy by L3 Networker
  • 15496 Views
  • 7 replies
  • 0 Likes

Resolved! What is the correct way to send all traffic to the virtual firewall?

Hello, good morning, I plan to purchase the product vm100 (kvm), to have a virtualized firewall on a dedicated server. In the same rack will have other servers connected to a switch. I wonder, what would be the right way to pass all incoming and outgoing traffic from the other servers through the firewall. Thank you very much for advising me on ...

Resolved! FTP traffic denied with Strange behaviour

This is my rule: The traffic is allowed, however suddenly the traffic will be denied and starts working after some time:Please refer the logs:The same traffic ( same porta and destination ) which was allowed suddenly denied in firewall.Data lane CPU percentage is below 20% during this time.its 5050 firewall with 7.1.7 verson. Have any one faced ...

Rule_post.png
Post_rule.png

About traffic-stop-on-logdb-full feature

We're receiving multiple alerts "SYSTEM ALERT : critical : Traffic and logging are resumed since traffic-stop-on-logdb-full feature has been disabled ." for one fo the device, what needs to be done ? Please advise. Thank you.

Ayesha by L0 Member
  • 7434 Views
  • 6 replies
  • 0 Likes

Issue NAT via VPN tunnel - VPN zone to Trusted zone

Hello I'm having a very similar issue with trying to configure a NAT translation from VPN to Trusted zone. In my case I'm building a VPN tunnel for monitoring using /32 ProxyIDs. My configuration VPN ProxyID is like the example below: Remote: Local:3.3.3.3/32 172.25.40.3/32 My NAT is configured as follows....

bshuman by L1 Bithead
  • 4712 Views
  • 3 replies
  • 0 Likes

File Hashes?

Does anybody know where to find the associated file hashes for files from the threat or data filtering log? I know Palo is generating file hashes on files because that's how they're determing what to send to WildFire but I can't find a file lash log anywhere. I would like to see this in the data filtering log.

r_gine by L1 Bithead
  • 5529 Views
  • 5 replies
  • 0 Likes

Resolved! Couple of issues with MineMeld 0.9.42, PanOS 7.1.11

Hi, I have a couple of problems with MineMeld (on a VM from ova template). 1. I recently seem to have lost the ability to export a system backup (which was working until recently). In the log, I can see a bunch of "GET /jobs/status-backup/.....", but the actual download never starts. [2017-10-23 16:12:19 UTC] [1971] [INFO] AUDIT - {"ms...

Problem with Panorama

Hi, I need to specify a group to access an SSL VPN.When I try to select a user or group from the agent menu in Panorama, they are not available.If I try to do the same on a physical equipment, it works.Anyone know what I can do to fix this?

BancoABC by L1 Bithead
  • 3024 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Proxy Configuration Feed Miner

Hi people! I have an issue configuring multiple jsonseqfeed miners in my local instance of Minemeld. This is the actual case: I have multiple miners getting information from autofocus. To get these to work, i had to add the proxy configuration in the /etc/default/minemeld file, no big deal.A group of colleagues, working in another project, have ...

juaniin by L0 Member
  • 3845 Views
  • 1 replies
  • 0 Likes

Resolved! Default gateway to router with two IP address

Hi, I am installing a PA-3020... the customer have a internet router which has two public IP address (190.30.40.1/24 as primary IP and 186.3.30.1/24 as secondary IP).Currently the customer have a Cisco ASA, it is directly connected to internet router, but the IP address in Cisco ASA (untrust interface) is 190.30.40.2/24 and its default gateway o...

  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels