General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect certificate error

Hi,

 

We are testing GProtect 2.3.2 version and its not working fine.

Debug GP client shows "WINHTTP CALLBACK_STATUS_FLAG_CERT_CN_INVALID".

 

The certificate is issued with the Common Name clientvpn.xxx.xxx, and this is the address of the portal.
 If inste

...

Resolved! Alert on IP Activity

I have a manager that would like to setup an alert wheneever a certain IP address hits our network. Does anybody know of an easy way to do this without creating a security policy and just monitoring that policy? 

BPry by Cyber Elite
  • 1723 Views
  • 2 replies
  • 0 Likes

Can Not Registered My PA-200

Hello, I have registered the PA-200 on support web site, and the license is showed correct on the web GUI and on command "request license info", but it still show "device registered: no" on "show wildfire status".

Do anyone know why ? And how can I ma

...

WS000003.JPG
mjkssg by L1 Bithead
  • 5024 Views
  • 9 replies
  • 1 Likes

Resolved! MineMeld outbound calls impacted by SSL interception

I could see the node was having problems pulling the external resource due it being decrypted and our CA being used.

 

I added our CA to the Ubuntu store with the processes used here, but still no juice.

 

http://askubuntu.com/questions/645818/how-to

...

Change to HTTP decoder

Did I miss a notice that the http decoder was being changed so that most of my rules based on the web-browsing app would break?  Nearly all of my web-browsing traffic is suddenly being identified as unknown-tcp.

 

I notice in the release notes for 646

...

epeeler by L2 Linker
  • 1730 Views
  • 1 replies
  • 0 Likes

Palo Alto deny All policy reason non-syn-tcp

Hi,

 

We realised our PA in version 7.0.6 is having any issue with the traffic. We see many traffic being dropped by DENY all rule (the last rule in the rule set). Looking in application we see "non-syn-tcp" in all the connections. 

 

These denies connec

...

logs.JPG

Resolved! Multiple VLANs through Network Interface

Hopefully this is a very simple question, but I wanted to make sure I was actually researching the correct thing.

 

I am planning on connecting a hypervisor (Hyper-V 2012), directly to one of my Network Interfaces on my PA.  The hypervisor has multiple

...

Exceeding IPs in one list

Hi,

 

The miner Ransomware IP has > 10000 so I'am wondering how I could solve this issue. Should have some output feed that you can define to take a certain amount of IP's so you can map that on your hardware. And then create a second output that is

...

Forwarding streaming traffic to a second Palo

Hi all. We have two Palo 3020s, each connected to a different ISP. At the moment the 1st firewall handles all our LAN internet based traffic, whereas the second firewall is mainly used for our VPN connections. We're looking at forwarding streaming tr

...

  • 23579 Posts
  • 103 Subscriptions
Top Liked Authors
Labels