General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 356 Views
  • 0 replies
  • 2 Likes

User-ID inconsistancies

Hello,

 

It's not the first time that I am facing this kind of issue :

 

Context : PaloAlto FW with (multiple) userID agents in a single (or multiple) Microsoft domain and user id based security policies.

 

The User ID feature seems at a glance to be worki

...

logs.JPG

Resolved! RDP NAT connection issue?

Hi folks,

 

For test purposes, I am trying to get RDP to work going through my PA-200 OS 6.1.4 to an internal PC.

I've been following several articles like this one, but not getting it to work.

https://live.paloaltonetworks.com/t5/General-Topics/MS-RDP-N

...

RDPNAT.jpg
RDPsecurity.jpg
OMatlock by L4 Transporter
  • 4630 Views
  • 7 replies
  • 1 Likes

Resolved! NTLM authentication fails

Hi all,

 

I'm facing an issue with captive portal and NTLM.  The SSO (NTLM) fails and the users must enter the credentials via the web-form. I've attached print screens from Wireshark and the output from the userid.log:

 

PAN-OS: 8.0.1

User-ID Agent: 8.0.

...

c1.jpg
c2.jpg

No Block Page when accessing Blocked Categories over HTTPS

Hi there,

I have recently noticed that when I test access to URLs of blocked categories over HTTPS, I do not get a 'Blocked Page' display from the Palo. It just says the Page Cannot be Displayed and show the connection was reset.

 

The URL filtering log

...

Bocsa by L3 Networker
  • 6917 Views
  • 6 replies
  • 0 Likes

Resolved! Where can I obtain rsyslog-minemeld?

Hi, I recently deployed an ansible built version of minemeld on Centos. However it does not appear to include rsyslog-minemeld? Is that still required to use the syslog analyzer node? If so, where can I obtain a rpm version of it?

calvinc by L0 Member
  • 3318 Views
  • 1 replies
  • 0 Likes

Question about vlans/Router on a stick.

I'm looking to configure a Palo as a router on a stick for a site to replace a decrepid Cisco 1811r router. The only printed information I can find is a 4.x document with pretty dissimilar UI images.

 

I've configured mutliple subinterfaces underneath

...

Panorama and Scan Type threats

Anyone know if Panorama is supposed to show Scan type threats in the Threats or Unified views under Monitoring?  I'm investigating why some of our Autodesk software on campus is having problems reaching the licensing server... Panorama didn't show an

...

jsalmans by L4 Transporter
  • 2804 Views
  • 4 replies
  • 0 Likes

User-ID mapping when host has 2 interfaces

We've run into a problem which I understand, I'm just not sure how to fix.  A user on her laptop logs into the domain while her laptop is docked, so UIA has her ip address mapping to the wired connection.  Later, she undocks and flips over to wireles

...

Resolved! H.323 cisco telepresence configuration

 Hi guys,

 

I am very new in PA administration and I am trying to set up voice communication between cisco telepresence sx-20 located with private IP address in my Internal network to some terminals outside the network. I am using IP address like calli

...

Untitled.png
Untitled1.png
maximn by L1 Bithead
  • 5291 Views
  • 7 replies
  • 1 Likes

Erroneous application port

I am getting a deny statement for port 8531 for application ssl. 8531 is for ms-update and my policy allows that but the default policy is denying it because it is tying it to ssl for some strange reason. I don't know how to get around that.

tglear by L1 Bithead
  • 2140 Views
  • 3 replies
  • 0 Likes

problem on user time session timeout, only countdown

Hi to all,

I'm new on PaloAlto PA-500 7.1 version.
I've searched on and I think I did not find my case.
Sorry if there is not and found it.

I have the wifi sessions (via AP aerohive) timeout all in countdown.

The users are in domain via LDAP and RADIUS.

Th

...

aerspa by L1 Bithead
  • 3694 Views
  • 6 replies
  • 0 Likes

Resolved! Upgrade Path

my appliance is on PAN OS 8.0.0. Can we upgrade directly to 8.0.2. Can't find any info about this.

 

Thanks

AlbertJJ by L1 Bithead
  • 2510 Views
  • 1 replies
  • 0 Likes

Resolved! Allow Vimeo From Specific Website

Hello,

I have a customer that would like to block vimeo completely but allow it specifically from one website, aaregistry.org.  I have PAN-OS 4.1.6 running right now and have tried to use a custom URL category in my rule to allow vimeo specifically f

...

  • 23674 Posts
  • 108 Subscriptions
Top Liked Authors
Labels