General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 332 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3715 Views
  • 3 replies
  • 14 Likes

Securing Access To Chef Deployment Servers

Currently we have a rule allowing the APP "ssl" from many different zones to our Chef Deployment Servers. I am trying to determine if there is a specific APPID for Chef but been unable to fine one. Since the server team says both port 80 and 443 are

...

PA200 time out - reason directory / 100%

Hi,

 

We have a cluster PA-200 with error "Session timed out". I just saw this link

 

https://www.pickysysadmin.ca/2015/02/08/palo-alto-firewall-displays-session-timed-out-when-you-try-to-login/

 

I tried to delete all core files but disk space is still in

...

Resolved! Suspicious TLS Evasion Found

PA-3020

 

Recently I've had several users get a "Virus/Spyware Download Blocked" page on random sites.  Normally they get it on google searches.  If they refresh, sometimes the error stays, and sometimes it just takes them to the page.  

 

It even happen

...

virusSpywareDownloadBlocked.png
Monitor_Spyware.png

Resolved! pa-500, os8.1, oid's missing in snmp

Hi, when I get MIBs from page below to os8:

https://www.paloaltonetworks.com/documentation/misc/snmp-mibs.html

 

I can find out there OID's related to active sessions counters, tcp/udp counters, used memory, etc. while in snmpwalk (v2) I see only some o

...

bkrajnik by L1 Bithead
  • 6920 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect Clientless VPN package update fails

Hello Community,

i have an issue with download the latest version of GlobalProtect Clientless VPN package update.

I have installed from scratch PANOS 8.0.0 and I have a valid Global Protect License but i'm not able to download the package from updates.

...

Updates.PNG
Updates.PNG

Resolved! Different Threat ID for Data Filtering and Wildfire

Hello all,

 

Once upon a time, I stumbled across a page with all the threat ID's used for Data Filtering.

From what I remember"PKG File Detected(52152)"  is the threat name and ID used when the firewall sees a PKG file.  Windows Executable (EXE) (52020)

...

Why paloalto-updates application is SSL now?

Since 03/April/2017 02:00 Firewall detect paloalto-updates application as SSL then firewall can't update new signatures because there is no SSL allow in policy.This problem occur to my 3 customer now.

 

Do anyone have the same problems?

 

Customer 1Custo

...

cust_1.png
cust_2.png
Sarun by L0 Member
  • 2498 Views
  • 3 replies
  • 0 Likes

Load Ballance Aggregate Interface

Reading the PAN documentation it read like Agg interfaces are not load balanced but are in an active/standby configuration. Is this true? When building AE interfaces do you get BW time the number of interfaces you have in the AE? If so, what is the l

...

MS Windows 'Auto-VPN' and UWP

MS Windows 10 has the concept of 'Auto VPN' which will make use of their UPW plug-in architecture.

 

Universal Windows Platform (UWP) VPN plug-in platform are built on top of the Windows VPN platform

 

I am told There are a number of Universal Windows Pl

...

Resolved! Best method to see blocked RTP traffic?

Hi folks,

 

There is an issue with our Lync VOIP system and consultants are saying they think that RTP traffic if being blocked inbound to our firewall.

 

What is the best method to verify that?

 

Traffic log or do I need to do a packet capture?

 

Thanks

OMatlock by L4 Transporter
  • 3384 Views
  • 2 replies
  • 0 Likes

RDP over VPN login only works after 2nd time?

I've configured and established succesfully a GlobalProtect VPN connection to my firewall (PA-3020). I want to create a RDP session to a server,I login to the GlobalProtect portal on my Windows 10 client and start mstsc. The first time I connect to t

...

Data-Filtering ALLOW

I am using PAN-OS 7.1.

 

I have figured out how to use basic data-filtering to block traffic with certain patterns in the payload, but I want to do the opposite. I want to configure a rule that will only ALLOW packets with a certain pattern, and automa

...

JohnPa by L1 Bithead
  • 2519 Views
  • 6 replies
  • 0 Likes
  • 24197 Posts
  • 100 Subscriptions
Top Liked Authors
Labels