This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 777 Views
  • 0 replies
  • 0 Likes

Resolved! Converting Cisco ASA Access Lists to PAN

Is there an easy way to convert a Cisco ACL to PAN format. Right now I have a 70 line ACL and it looks like each ACL will require 14 set commands. At this point I'm thinking it might be easier to just enter the 70 ACLs into the PAN via the GUI. 

Any o

...

palomed by L3 Networker
  • 5225 Views
  • 4 replies
  • 0 Likes

Resolved! Pre-Install Pan Upgrade with no reboot

Does anyone download and install PANOS updates but wait to reboot until a scheduled maintenance window?  I'm wondering how risky this would be and/or how long you can let a firewall sit waiting for a reboot to the installed new version.

 

This would sa

...

epeeler by L2 Linker
  • 6193 Views
  • 5 replies
  • 0 Likes

IPSec Conversion utility for Cisco ASA to PAN 6.1.1?

I have a couple of Cisco ASA tunnels I need to convert to Pan. Each has about 200 lines of config all told. Whether I mark things up in a word processor or enter it in PAN gui - it's going to be a slog. Pausing to ask the community: Might there be a

...

palomed by L3 Networker
  • 2923 Views
  • 5 replies
  • 0 Likes

Hot shield proxy- PA unable to block

we have created the application filter for proxy based apps-140+ apps are in that proxy filter which includes IKE, IPSec, Hot-shield etc except SSL.

 

This proxy-based app filter is called in the security policy (with block action). In addition to that

...

botnet

Hi,

If someone running a botnet inside local network ,is there a way to  get an alert  like siem, from reports ,from live stattistics ?

 what are the steps to identify these kind of traffic ?

Finally how to block them when threshold reaches  ?

Thanks

 

 

 

simsim by L4 Transporter
  • 3371 Views
  • 8 replies
  • 0 Likes

DTLS Support

Is there  support for DTLS in any version of GP and PanOS? I can't find any mention of it in the documentation.

Thanks.

404 error on proofpoint miner

Any ideas on what to do about this error?

 

2017-04-21T02:25:37 (28250)basepoller._poll ERROR: Exception in polling loop for proofpoint-EmergingThreatsDomains: 404 Client Error: Not Found
Traceback (most recent call last):
File "/opt/minemeld/engine/0

...

chirss by L3 Networker
  • 3215 Views
  • 3 replies
  • 0 Likes

Integrating MineMeld with IBM QRadar

Hi,

I am new to minemeld. I went through the documentation for integrating minemeld with qradar. Succesfully added the TAXII feeds in Qradar.

I couldnt see any values getting populated in reference set defined in Qradar or updates shown in threat int

...

Resolved! Configuring the Proxy-ID for phase 2 IPSec using PAN 6 CLI

there's this great example below for setting up an IPSec tunnel using the CLI. BUT it's missing how to add in the proxy IDs.

 

I have some clues that it's like..

 

set network tunnel ipsec IPSEC-Tuna-TUNNEL proxy-id tuna1 protocol any Local xxxx Remote y

...

palomed by L3 Networker
  • 11113 Views
  • 3 replies
  • 0 Likes

Application Incomplete For One Site But OK at Another

I have an IPSec tunnel with source address NATting to a partner. 443 web traffic from site A triggers the IKE and the IPSEC-SA session. In PAN monitoring the application is correctly identified as SSL and in my browser I pull up the site from the par

...

palomed by L3 Networker
  • 6643 Views
  • 9 replies
  • 0 Likes

VPN Access

How do you configure the globalprotect VPN's so they won't route on the internal network but will only let users access it from outside the internal network

jdprovine by L4 Transporter
  • 2588 Views
  • 5 replies
  • 0 Likes
  • 23986 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks