This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! See full list of "Config Logs"

Hey guys,

 

there is this "Config Logs" Widget on the dashboard of the Palo Alto 3020.

 

But there are only a few entries.

 

Is there a possibility to see more entries?

 

Thanks for a reply!

MPI-AE by L4 Transporter
  • 1694 Views
  • 1 replies
  • 0 Likes

Panorama licensing

I think that this is simple but I am just missing it. I am looking for what my license limitations for my Panorama are. I have looked on my support site and googled it but I seem to be unable to find it.

Essentially I have a number of devices currentl

...

tebert by L1 Bithead
  • 1602 Views
  • 1 replies
  • 0 Likes

Overlapping Subnets and NAT

Hello,

 

I have a new client we have a direct L3 link with. Our firewall has an existing directly connected interface on the 10.10.0.0/16 subnet. Our client also has a subnet of 10.10.0.0/16 which we need to get to.

 

During my initial testing I decided

...

Issues with ipsec traffic from PA3020 to Cisco 871.

I have a working tunnel between Netscreen and Cisco 871. I tried to move this from Netscreen to PA3020.

The tunnel comes up. PA3020-local network-192.168.2.0/24 and remote-192.168.235.0/24.

Traffic from 2.0(palo side) to 235.0(cisco side) network is fi

...

Resolved! Application Dependency question (l thought l knew it)

Heys,

 

A bit confused now :0

 

My policy as below:

 

 

So port 80 is allowed when l attempting to connect to the device over the web browser (Chrome) but after Palo actually identified that this is not a "panos-web-interface" app (based on tcp 3 way handsh

...

INBOUND.PNG
TR-LOG.PNG
DEP.PNG

What's new in MineMeld 0.9.36

Release Date: 2017-03-21

 

How to update: Updating MineMeld

 

Nodes

  • JSON Miner now supports Basic Auth via prototype (suggested by @Kimwii)
  • TAXII Miner now supports subscription_id, client cert support has been improved, added support for LinkObjectTy
...

lmori by L7 Applicator
  • 6005 Views
  • 4 replies
  • 6 Likes

Resolved! DMZ to inside LAN

I know you need a security policy to go from dmz to Lan but do you need a nat statement.  On all the Palo Alto documents that I have seen no nat rule is used.  If I am wrong could some one send me a link.  

 

Thank you 

Global Protect: Two preferred NIC listed

Windows 7 laptops with global protect client installed.

 

When I plug my laptop into a wired(ethernet) connection, the wireless IP and the wired IP are showing up as preferred. If I remove global protect from these laptops the wireless IP goes away whe

...

image002.png

Resolved! Reset pass user admin via web

Hi,

 

How I do reset the password user admin again??? I have this messages "bad gateway" when I put the credencials on the access web.

 

I can't login

 

Do you kwon something about this, please?

 

 

Thx

 

SantiBT by L2 Linker
  • 4489 Views
  • 1 replies
  • 0 Likes

Resolved! Problems users with Windows 10 and User ID agent

Hello,

 

I need your help with the following scene:
I have some machines with Windows 10 Operative System and I have detected a problem with the PA Firewall. The Firewall is not detecting the user (UIA), so the policy rules are denying the access.

Panos

...

SOC_CSG by L4 Transporter
  • 7328 Views
  • 10 replies
  • 1 Likes

QoS theory / functionality

Hi,

 

We have an interface which is 100Mbps. There will never be more than 20 IP addresses connecting on this interface.

 

I wish to guarantee each connection 5Mbps and allow them to use the entire 100Mbps if the additional bandwidth is available.

 

I can

...

SARowe_NZ by L3 Networker
  • 2340 Views
  • 4 replies
  • 0 Likes

Resolved! Package minemeld not found

Refer to the KB below and install it.
However, even if you implement 5. Installing MineMeld,
The following error will be output.

 

https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-14-04/ta-p/98454

 

Sinc

...

package-error.png

DNS traffic identified as sophos-live-protection

Some DNS traffic is classified as sophos-live-protection in our traffic logs. Has anyone else seen this? I only have logs 5 days back in time, so I cannot say when this started but it wasn't with the latest apps update. Our firewall is PA-5050 runnin

...

Globalprotect client

I want to do some testing on new global protect clients but I don't want to make it update anyone tell I can test it, How do I get the software to test with out making it the default cleint on the firewall?

jdprovine by L4 Transporter
  • 5943 Views
  • 25 replies
  • 0 Likes
  • 23729 Posts
  • 104 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks