Resolved! How to connect the Paloalto syslog with rsyslog?
Hello good morning,someone could help me please.I'd like to know how I can connect a paloalto firewall syslog to the rsyslog application. regards
Hello good morning,someone could help me please.I'd like to know how I can connect a paloalto firewall syslog to the rsyslog application. regards
We presently leverage a fwd-proxy solution that a selection of hosts (2000-3000) on various networks pass through in order for us to funnel them to a few IP's and enforce a more STRICT URL policy at the perimeter. The hosts are managed through GPO. My question is will PAN or has PAN developed the capability to take the role of a fwd-proxy server...
I have enabled URL filtering to block web advertisements, but it looks really bad cosmetically on the users end when they get to a web site where the advertisement should be there is big texted block page. Anyway we can eliminate the block page for web advertisements or make this look "prettier"
Hi Guys, Please can someone explain me why we would use the file blocking profile as well as the wildfire profile on the same security rule.What i understand is that once the file is blocked then no need to send it for the wildfire analysis..Please correct me. Now what will happen if the file is allowed,will it be sent for analysis and meanwhile...
Hi folksJust sanity check required here, make sure i'm not missing something.with regards to: updates.paloaltonetworks.com Can I please ask community to confirm only Port 443 is required, as I currently have FW blocking Panorama registrastion process. Thanks in advance !
Hi all, I've a PA-3020 and i'm trying to configure multicast between 4 zones.All zones are directly connected to the PA.ZoneA -> There are all my HDMI - WIFI adapter (Airtame)ZoneB -> Users BZoneC -> Users CZoneD -> Guests When an user is in ZoneB, or C or D and executes Airtame software, it starts a multicast discover to find all HD...
See attached that show issues
Will the GP VPN client provide encryption for WPA2 sessions comprimised by the recent KRACK method? Does that cover all the OS varients - Win, Mac, IoS, android? I realize that only covers traffic routed back to the firewall.
Hi, I've an application who has to query an Oracle database to get information from it. There is a PaloAlto firewall between my application and the DB. I actually reach the database, but I can't collect the information that I need. Making a quick tcpdump of incoming packets on the server in which my application is running, I noticed on wireshark...
I see a lot of threat (thousands in a few minutes) to one of my webservers from IP 176.10.115.140.This IP belongs to cyberghost, so probably someone used this to hide his own IP and attack our webserver.Is there a way to block this traffic (before the threat prevention blocks it)? I know I can try to block this ip (or even the scope), but when s...
Hi all, Is there an archive of release notes for dyanmic updates? I've just discovered that a firewall I inherited has a very old version of the Application version. I'd like to determine just how old it is (so I know how much chaos I'm going to cause when it gets updated.) Thanks,- Steve
So up to this point I'd only been using tagged sub interfaces for capacity\housekeeping\etc, so they were all in the same security zone. Now I have a case where I'd like to be able to add some rules to where traffic from this new VLAN can go.. I put the new sub interface in a new zone, add the new zone to the general internet access rules and...
Hi,is there a way to create a rule like this?if( session_end_reason eq aged-out ) and ( zone.dst eq SERVER ) and ( app eq incomplete ) and ( rule eq MY OUTSIDE RULE ) and ( bytes eq 308 )block the IP for 300 seconds
This is probably a relatively simple question and I think I know the answer but would like to confirm with the wider community. We currently have Global Protect Client 3.1.1 active on our Firewalls. We are looking to go up to the 4.0.x branch of the client in the near furture. Will devices out there with the 3.1.1 agent installed still work if t...
I am currently running Panorama with a 25 device license limit, and I have purchased and need to upgrade to the 100 device limit. It seems the auth code for the 100 licenses is the same as the auth code for the 25 licenses.When I go to Panorama, Licenses, and click the Retrieve license keys from license server, it doesnt return anything. I tried...
| Subject | Likes |
|---|---|
| 4 Likes | |
| 2 Likes | |
| 2 Likes | |
| 1 Like | |
| 1 Like |
| User | Likes Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 2 |

