General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PA Traffic is logged under different users other than the logged in user

Hi guys, We have a security rule that grant a certain app access to users based on AD group. User complained that sometime they can access the app and sometime they cant. Checked the firewall and found out that some of the traffics are logged under different user accounts, hence the right policy didnt get applied. User is using OSX (mac) and has...

2017-08-22_13-44-18.png
ESutedy by L1 Bithead
  • 3685 Views
  • 4 replies
  • 0 Likes

Microsoft blogs page cannot be loaded though paloalto

Hi, I have constructed Palo Alto on Azure and now all connections are allowed to connect.However it seems Palo Alto blocks below website. https://blogs.technet.microsoft.com/ I already checked I can access without palo alto and i think it is the cause of this issue.I think I should contact support but i am unable to create my support account. I...

キャプチャ.JPG

Need help on PaloAlto OID

Hi Experts , Looking for OIDs to monitor below mentioned list , using SNMPv3 for Palo Alto on AWS cloud but unable to locate any MIBs or OIDs. BGP (Established , down)Tunnels ( IP , Status , Traffic Stats)SSH (User IP , Count) Any help will be highly appreciated. RegardsFaiz.

How to terminate Live community account?

Last month I have created this account and today i have deployed Palo Alto from Azure...In order to get teachnical support from PA, it seems I need to register account but I cannot use this LIVE community account.So i think i better terminate this account first and create new one with new CID.. Please help me...

error.png

Dual ISP, ECMP, PBF, PAT to access internet, Destincaton NAT to Local Server

Dear Collegues, Need your help & clarify some douts. G1/1 - xxxxx/30 (ISP 1)G1/2 - xxxxx/30 (ISP 2)G1/3 - xxxxx/24 (LAN) Both the ISP have also provided xxxxxx/29 range of usable IPs Have Configured Dula ISP Redundancy with single virtual router by enabling ECMP and link monitor for static routeHave configured source NAT to access internet f...

Unable to connect to a PA 500 using the management IP.

Hi, I have just configured my PA 500 and I set up the management IP to be 10.2.82.3/24. I connected the PA 500 to a switch that has VLAN 80 (10.2.80.x) and VLAN 82 (10.2.82.x) my laptop is ip'ed 10.2.80.40/24, from the laptop I can ping 10.2.82.1 (default gateway for the management vlan), but I can not ping 10.2.82.3. I consoled into the PA and ...

Resolved! GP-VPN traffic is slow

GP VPN configured properly with IPSec enabled.But all the GP-clients are fall-back to SSL tunnel mode soon after connected.For testing purpose, give full access any-any allow in policy. one time connected as IPSec and when disconnect & connect again another time gp-client automatically fall-back to SSL mode. Port 4501 UDP & TCP are allow...

PA System Alert Reports

I am wondering if it is possible to create a report based on the number and type of "System" (Medium, High, Critical) alerts generated by the PA firewall?

Resolved! FQDN record keeps wrong ip address

Hi All, One of our FQDN records keeps wrong ip address (e.g 10.1.12.71) where really it should be 1x6.1x8.1x0.1xx: > request system fqdn show gives me below output: When l ping the same FQDN from the FW l get a correct ip address mapping: > request system fqdn refresh - didn't make any difference. How can I force firewall to refresh t...

Or1.PNG
2.PNG

Resolved! Server error : Partial commit is not allowed. Full commit must be completed.

Palo version:vm-license: VM-100 vm-mode: VMWare ESXi sw-version: 8.0.4 I am trying to do a partial commit after a change on policy rules.The following commands usually work. But for some reason, I ended in a state where partial commit/validate is not allowed: admin@CST-OCBFW-INT01(active)# validate partial device-and-network excluded Server err...

False-Positive on Comodo

Hi There,Not sure what's the right place to report this false-positive.I would like to draw urgent attention of Paloalto Networks staff to resolve following false-positive on one of Comodo Internet Security files:Virus Total (1/64)https://www.virustotal.com/en/file/f80c084dc4747b8fee70ac4028e9b734cbc8aa3aea230b24fa9740da44ffcec1/analysis/1502048...

URL category not effecting to all traffic passing through security policy

we are facing problem with PA 7.0.7 version , custom url category is mapped to security and certain URLS are allowed . when traffic passes the policy some of the traffics are allowed and then it hits the deny rule . The size of the packet becomes less when it is hitting the deny policy if we create a security policy only for one url it is worki...

Rameshwar by L3 Networker
  • 3204 Views
  • 5 replies
  • 0 Likes

Blocking Hexa Protocol (Hexatech VPN)

I just became aware of this yesterday, but we were seeing a rise recently in "unknown-udp" traffic on our Palo Alto Firewalls and have discovered what it was. The amount of traffic was significant - always used the more bandwidth than anything else on the network. There is a new-ish VPN service by BetterNet that uses a protocol called "Hexa" (...

SAML ADFS for GlobalProtect

Hi,Is someone able to shed some ligh on the below. 1. Can SAML be used to map to an LDAP group, if so is there guidance?2. Does PAN support using SAML AND prelogon/alwayson with GP? Thanks

Resolved! custom report - "unknown" category

Hello I observed that in my reports in pdf I have a lot of "unknown" in CATEGORY column.My report looks like: How is possible that google-base or linkedin-base have category=unknown ? RegardsSlawek

2017-08-15_201653.png
2017-08-15_203202.png
_slv_ by L4 Transporter
  • 6147 Views
  • 9 replies
  • 0 Likes
  • 24396 Posts
  • 123 Subscriptions
Top Solution Authors
Labels