General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Response page in active-active mode

Hello,Would anybody knows how to have a response page for Captive Portal redirect mode, inactive-active mode (PAN v4.0.4) ?For example, through a loopback floating IP ?ThanksChristophe

Tap and Layer 3 mode

HI I have my PA's looking at TAP from my switches and also L3. My thought was to look at traffic that wasn't being routed. But I was thinking what happens to my TAP traffic if I have a policy that allow traffic from zone staff so a L3, but the PA also see the packet on the TAP interface, that policy will not apply and that packet will get caugh...

Global Protect Question

Hi I am having (a new ) issue with global protect. Now the support person is telling me GP is not setup to allow connection made from the client to the laptop (GP client). I'm a bit flabber gasted. But hey I could be wrong. The guys is suggesting I need GP satelitte Alex

Miner for STIX using API token

couldnt find the miner of STIX API Token type.Below is the sample request. Appreciate any pointers to an existing miner and connfig requirement / help to create new miner. POST /stixapi/recent HTTP/1.1Host: ncert.nlabs.orgContent-Type: application/x-www-form-urlencodedapi_token=MY_TOKEN_VALUE

Resolved! Using Panorama to setup a HA cluster

Hi I am trying to setup a brand new pair of pa-5220's in active active. But I can't set aux1 & aux2 for HA1, HA1 backupIP address used for HAand I can't seem to push the config to the PA from panorama, a cyclical error - no ip address , HA not enabled , device ID not set... Is it possible ?Or do I need to setup the HA links first and then d...

PA SSL decryption for web traffic and squid

Hi Where should I be doing the decryption client -> pa (l3) -> squid -> internetorclient -> squid -> pa (l3) -> internet I thinking the first one, then I can also see who is making the request A

Resolved! The only populated item under the ACC tab is the risk factor

Hey there everyone, I'm running 7.1.11 on a PA-200. The top-applications widget under Dashboard tab works just fine, but nothing (other than risk factor) is presented under the ACC tab. No filters are active and it doesn't matter what time period I set it for. Actually, data pertaining to threats is displayed, with bytes and sessions always ze...

DHCP ISP CLIENT

Hi, I have a DYNAMIC ISP that I will use DHCP Client on interface. I know there is option to add default GW provided by ISP, but I only want to use this default GW for a couple IPS such as peer IPSEC IP. How can I do this with out PBF Thanks

junior_r by L3 Networker
  • 1886 Views
  • 1 replies
  • 0 Likes

Can OSPF run without a "true" area 0

I've started working for a new company who uses only static routing. We just turned up a second ISP at one site, but I noticed an issue with failover which is expected. When ISP 1 fails, local traffic at the site routes out ISP 2, but site to site traffic doesn't failover because of the metrics on the site-to-site VPNs at the other sites. At my ...

Resolved! Not-resolved URL category

Having issues with many urls being categorized as not-resolved - tried failing to passive box and same issue. Also have tried to recatergize a url from within the firewall gui (url logs) and get an error: 'This functionality is unavailable as this device is in passive state or is connected to a private instance of the PAN-DB servers. Please subm...

clewis1 by L3 Networker
  • 6792 Views
  • 2 replies
  • 0 Likes

Filtering Microsoft Exchange Server services [Outlook Anywhere, ActiveSync, OWA]

We are using Exchange 2013 and have the Palo Alto allowing https access to it so our users can use OWA and ActiveSync. We recently discovered that users can also connect an Outlook client to our Exchange server from anywhere (no VPN needed) as long as they have a valid mailbox and password. We do not want this to be allowed but don't want to b...

jrauman by L2 Linker
  • 9635 Views
  • 6 replies
  • 0 Likes

Resolved! How to block Dish Network application

I have a user that is abusing their privileges and would like to block services internally. A user wished to have the Dish Network application installed on their laptop to use while traveling. There has been reports that the use was using the application in the office while on the network. I wish to block services to this application while on th...

ksmith by L0 Member
  • 8014 Views
  • 6 replies
  • 0 Likes

Resolved! When setting Strict Security Profile

Good day everyone need help with verify some information about setting strict security profile. We are wanting to set the all Security profile from default to strict to help contiune doing the best security practices recommend by palo alto. Also not wanting the logging in the threat montior to show traffic we already know is ok. So when we are m...

Resolved! URL Filtering doesn't work with Google-base/quic/google-docs

Hi Everybody I have a customer who whant to block this page "goo.gl/forms/NeclIZETrjUiyFBT2" (seems to be used as malware). We include it in "block list" in the Url Filtering Security Profile but it doesn't block it. In monitor tab, the session doesn't appear in Url Filtering, it appears in Traffic, the paloAlto detects the flow as application ...

SOC_CSG by L4 Transporter
  • 16402 Views
  • 7 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels