General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How to block H-Worm?

Hello, all,

I have found that PA firewall seems not block the H-worm (named by Fortinet), or, I didn’t set correct signatures/threat ID to be blocked. However, is there someone kindly to tell me which threat ID of PA should be blocked to prevent it?

H-

...

How to Avoid Remote SSH Scan

Hello

I have a lot of events "deny" followed by other "allow"; All of these to port 22 (SSH) from remote host to several IP(s) in my Untrust and DMZ Zone.

<14>Jun 24 04:01:17 fw2orgt 1,2015/06/24 04:01:16,0003C102047,TRAFFIC,drop,0,2015/06/24 04:01:16,

...

SOC_CSG by L4 Transporter
  • 1562 Views
  • 1 replies
  • 0 Likes

Resolved! Reset an interface to initial state of Not configured

Hi,

just starting up with my first PaloAlto device, and have a simple question for which I don't seem to find a solution in the documentation. By default, the interfaces of a new firewall are are unconfigured, i.e. the GUI shows their status as "not c

...

itsup by L2 Linker
  • 4594 Views
  • 5 replies
  • 0 Likes

Resolved! ECMP

Hi - is it possible to do ECMP (equal cost multi-path routing) using static routes? If not - is it possible to achieve ECMP using OSPF on the PA4050. We have a need to load balance the default route out of a PA4050 over multiple L3 gig interfaces (th

...

fmd by L3 Networker
  • 3928 Views
  • 6 replies
  • 0 Likes

PA blocks spyware - identify compromised computer

Hi there,

we're running the following setup:

trusted zone | DC zone | Internet

Client/Proxy/some old DNS Server| DNS Server| Internet

I see that the PA is blocking malware traffic (app DNS). But the attacker is either the proxy, asking the DNS in the DC

...

Resolved! is it support ECMP protocol ??

Hi all.

Is it support ECMP protocol from PAN??

I can’t find whether ecmp protocol support from datasheet and knowledge base.

does PA has any other similar protocol if not support ecmp??

Please refer to below URL for ECMP.

http://en.wikipedia.org/wiki/E

...

willstech by L3 Networker
  • 1487 Views
  • 4 replies
  • 0 Likes

802.1q tagged sub-interfaces on PA-500 v6.1 not working

I'm trying to consolidate multiple Layer3 interfaces into a single Layer3 interface using subinterfaces and VLAN tagging, but it's not working.

I'm hoping someone can point out the error in my configuration.

The current working configuration:

FIREWALL
et

...

Gp Configuration

Hello Friends,

We want to  configure our Remote VPN (Global Protect ) on two ISP and  we should be able to  manually switch the gateway at client end and no Lic is required for that?. Please suggest.



Regards

Satish

Satish by L4 Transporter
  • 2315 Views
  • 5 replies
  • 0 Likes

HTTP Header - Logging NTLM Username

My PA firewall inspects traffic between my users and proxy server. The proxy server provides NTLM authentication. Is there a way of logging the NTLM authenticated username within the http headers?

ASCIT by L2 Linker
  • 1977 Views
  • 6 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors