General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 650 Views
  • 0 replies
  • 0 Likes

option 61 on dhcp client non-mgmt

I have ether1/1 assigned as my untrusted/WAN interface. It is in Layer 3 mode and has been set as a DHCP-Client. I need to tell the firewall to send a option 61 (clientid) as part of it's DHCP discover. I been looking though OS 7.1 and can't find it

...

PAN 5250 routing question

Hi guys, new with PANs but not with firewalls.  Replacing our older Cisco ASAs with PANs and have a design question for larger installations (about 10,000 simultaneous users).  We currently route our wireless traffic with two pairs of Cisco 6500/sup2

...

Resolved! URL DB recategorization

Hello ,

We are currently using Panorama 5.0.11 Version .

Most of the website is blocking due to this version .

We have already requested brightcloud to recategorized the URL to new one .

But still we are facing the issuue.

Like widma.com coming to Adult a

...

tiwara by L3 Networker
  • 9716 Views
  • 8 replies
  • 0 Likes

Box - Control access

We are discovering more and more companies are using EFSS (or just FSS) solutions like Citrix FileShare, Box, OneDrive, Google Drive, and even Dropbox to share content.  We have had a blanket deny policy for a long time so as to prevent using one of

...

Resolved! Reached max allowble probes

Users have no access.

 

[Debug  988]: Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.  Probing 40 IPs, list contains 117 entries
Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing.

...

Resolved! Can PA-200 or PA-500 be infected with Win32/Hupigon?

I had a puzzle today from my ISP suggesting that they are receing traffic infected with Win32/Hupigon from the management interface of my PA-200s and PA-500s. I don't route user data through the management interface. So, is it really possible that PA

...

bokeke by L0 Member
  • 2021 Views
  • 1 replies
  • 0 Likes

Resolved! GRE traffic being dropped by PAN

Hello,

 

An internal host is attempting to establish PPTP tunnel connection with an outside Internet host. The internal host accesses the Internet over NAT (actually PAT) on firewall's outside IP address. There was no issue with PPTP (TCP 1723) connect

...

Farzana by L4 Transporter
  • 4857 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID and child domain Global Catalog server

Hi,

 

I have a deployment question in regard to User-ID and multi domain.

 

If we are trying to pull group mappings and have user ID setup only on a child domain server through GC LDAP,  the user credentials used to login and thus pick up with the userid

...

Davyboy by L1 Bithead
  • 5383 Views
  • 3 replies
  • 2 Likes

Filtered OSPF

I would like my PAN 5060 to learn one route from my OSPF infrastructure generally - but no others. The idea is that when this route is availalbe traffic would flow to the inside trusted interface of the PAN. But if that route drops out due to WAN cir

...

palomed by L3 Networker
  • 2549 Views
  • 3 replies
  • 0 Likes

SSH Brute Force and IP exception

I have vulnerability profile with action for High severity signatures as "alert".  I then configured an exception for SSH Brute Force (ID 40015) as "block-ip, src and dst (30 mins)". Everything worked well until we had issues for the systems exiting

...

NTLM authentication problems

Hello,

I`m trying to configure NTLM Authentification over Captive Portal for users in my network. I have PA-500. I set the next configuration parameters:

1. LDAP Server Profile

2. Authentication Profile

3. Authentication Policy (Authentication enforcemen

...

niitnn by L1 Bithead
  • 4773 Views
  • 8 replies
  • 0 Likes
  • 23947 Posts
  • 113 Subscriptions
Top Liked Authors
Labels