General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 440 Views
  • 0 replies
  • 2 Likes

palalto-updates vs ssl

After years of content update traffic showing up in traffic logs as paloalto-updates application, this traffic suddenly started showing up in traffic logs as ssl application.  This all started at approximately 6:40pm Eastern time on 4/1/2017.

Has anyo

...

herrmoss by L2 Linker
  • 2479 Views
  • 3 replies
  • 0 Likes

Resolved! Wildfire file-size-limit

Just installed PANOS6 on a PA200 platform.

Did a change at the configuration and tried to commit. While commit I get the message:

  • Validation Error:
  • deviceconfig -> setting -> wildfire -> file-size-limit unexpected
    here
  • deviceconfig -> setting -> wildfire
...

Hithead by L4 Transporter
  • 10292 Views
  • 10 replies
  • 0 Likes

Configuration Update Descriptions

Hi all,  The commit description is potentially really useful for tracking changes and linking back to change tickets, but I can't see where I can display a list of commits with the descriptions, to review what has been done. 

 

The configuration log sh

...

djr by L4 Transporter
  • 2189 Views
  • 3 replies
  • 0 Likes

Resolved! Query on QoS

Hello,

 

We would like to configure QoS on PA to give priority to VOIP and video based traffic. The Internet connected to the FW is 100Mbps and the connection between the core switch and PA is 1Gbps.

 

If I make a QoS profile and I want a guaranteed band

...

Farzana by L4 Transporter
  • 2174 Views
  • 3 replies
  • 0 Likes

Panorama Dynamic Update overlap

Given the best-practices for Dynamic updates here, how do i configure this in Panorama and not have the commit warning for deployment schedule overlapping with 5 mins of another?

 

Its always going to be the case where Wildfire checking every minute wi

...

Restricted access to API?

Hi *,

 

I'd like to know if it's possible to restrict access to the API? (ex: to some IP addresses).

Example: if remote management is allowed from 192.168.0.0/24, is it possible to restrict the API usage to 192.168.0.1 by example?

Is it an option to

...

XavierMe by L1 Bithead
  • 4069 Views
  • 4 replies
  • 0 Likes

Proxy filtering or paloalto filtering

Hi All,

 

i have proxy in my network which is responsible for all filtering and categorizaing , also i bought a licnese for url filtering on paloalto so, is there any benefit to allow filtering and categoriziang on both ?

 

or no need for filtering on pa

...

Decrypting OPENVPN?

Is it possible to decrypt openVPN with SSL Forward Proxy? I'm pretty sure the asnwer is no, but I figured I would ask.

 

My problem is that I have a Ubuntu Server running openVPN client behind a VM-100. I would like to continue to use openVPN, but I wo

...

Hwinter by L2 Linker
  • 4718 Views
  • 4 replies
  • 0 Likes

L7 Inspection

Hi All,

 

i migrated my asa to paloalto , but i can see that all policies are assigned service port but not appliation , so how can i get benefit from from application field ?

 

how can i transfer all polices from l4 to l7

miners throwing errors

In both cases below, Minemeld is running via hosted Autofocus App.

 

It appears that the ransomwaretracker miners are running into an error. All three are throwing a "[Errno bad handshake](-1, 'Unexpected EOF'). The source URLs appear to be functioni

...

jchitsaz by L1 Bithead
  • 4656 Views
  • 4 replies
  • 0 Likes

Securing Access To Chef Deployment Servers

Currently we have a rule allowing the APP "ssl" from many different zones to our Chef Deployment Servers. I am trying to determine if there is a specific APPID for Chef but been unable to fine one. Since the server team says both port 80 and 443 are

...

PA200 time out - reason directory / 100%

Hi,

 

We have a cluster PA-200 with error "Session timed out". I just saw this link

 

https://www.pickysysadmin.ca/2015/02/08/palo-alto-firewall-displays-session-timed-out-when-you-try-to-login/

 

I tried to delete all core files but disk space is still in

...

  • 23700 Posts
  • 110 Subscriptions
Top Solution Authors
Labels