This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Reached max allowble probes

Users have no access.

 

[Debug  988]: Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.  Probing 40 IPs, list contains 117 entries
Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.

...

Resolved! Can PA-200 or PA-500 be infected with Win32/Hupigon?

I had a puzzle today from my ISP suggesting that they are receing traffic infected with Win32/Hupigon from the management interface of my PA-200s and PA-500s. I don't route user data through the management interface. So, is it really possible that PA

...

bokeke by L0 Member
  • 1793 Views
  • 1 replies
  • 0 Likes

Resolved! GRE traffic being dropped by PAN

Hello,

 

An internal host is attempting to establish PPTP tunnel connection with an outside Internet host. The internal host accesses the Internet over NAT (actually PAT) on firewall's outside IP address. There was no issue with PPTP (TCP 1723) connect

...

Farzana by L4 Transporter
  • 4408 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID and child domain Global Catalog server

Hi,

 

I have a deployment question in regard to User-ID and multi domain.

 

If we are trying to pull group mappings and have user ID setup only on a child domain server through GC LDAP,  the user credentials used to login and thus pick up with the userid

...

Davyboy by L1 Bithead
  • 4741 Views
  • 3 replies
  • 2 Likes

Filtered OSPF

I would like my PAN 5060 to learn one route from my OSPF infrastructure generally - but no others. The idea is that when this route is availalbe traffic would flow to the inside trusted interface of the PAN. But if that route drops out due to WAN cir

...

palomed by L3 Networker
  • 2258 Views
  • 3 replies
  • 0 Likes

SSH Brute Force and IP exception

I have vulnerability profile with action for High severity signatures as "alert".  I then configured an exception for SSH Brute Force (ID 40015) as "block-ip, src and dst (30 mins)". Everything worked well until we had issues for the systems exiting

...

NTLM authentication problems

Hello,

I`m trying to configure NTLM Authentification over Captive Portal for users in my network. I have PA-500. I set the next configuration parameters:

1. LDAP Server Profile

2. Authentication Profile

3. Authentication Policy (Authentication enforcemen

...

niitnn by L1 Bithead
  • 3882 Views
  • 8 replies
  • 0 Likes

Pan-OS 8.0 and PA-200

Has anyone upgraded a PA-200 to PAN-OS 8.0? If so have you seen a performance hit at all? Notice a difference in how long things take? Commits? Response time? How long did the upgrade take? Did it take the 50-60 minutes Palo says? If so is that sitti

...

JeffTQT by L2 Linker
  • 5178 Views
  • 8 replies
  • 1 Likes

Resolved! How PA deals with packets with bad checksum?

Hey Guys,

 

Just trying to find out if someone knows, what PA policy is regarding packects with bad checksum?

Will they be allowed through the PA, or PA silently drops those packets or sends back a reset to

the source?

 

Any help appreciated.

 

Thanks,

Fatema

...

Fatema by L2 Linker
  • 5340 Views
  • 2 replies
  • 0 Likes

BGP peers transit sessions flapping

Hi Guys,

 

PA-5050 is a transit device for four BGP peers. Had no flapping since 2015 on PAN-OS 6.0.12. After upgrade from 6.0.12 > 7.0.11 BGP peering no longer stable:

 

 

Can anyone advise something? Apart of the increasing a timeout session under the a

...

BGP flapping.png
  • 24026 Posts
  • 102 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks