General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

WannaCry - how to protect our system with help from PANOS?

Hello Is it a way to help protect our Windows systems from attacs from internet/lans using url protection (or other technics)? According to https://mobile.twitter.com/msuiche/status/863284743940575232 it's using hardcoded url so it could be possible. RegardsSlawek

_slv_ by L4 Transporter
  • 8784 Views
  • 14 replies
  • 0 Likes

GP-AD user password expiry

When setting up a Global policy object for a Paloalto globalprotect user/group , the maxpwdage attribute does not match the, the password expiry date sent for Paloalto user, This can be confusing to know when the password actually going to expire for the GP user.Panos 7.0.6Gp 3.0.3AD server 2012r2Max password age was set on 14.05.17 Tailing the ...

pwdpilicy.PNG
pwdexpiry.jpg
pwdlastset1.jpg

GP Error( 51): Driver is not installed, reinstall it now!

Hi, Related to this issue here however the error code is different, Link here Upon checking the logs:(T5392) 05/15/17 10:55:32:387 Error( 51): Driver is not installed, reinstall it now! 05/15/17 10:55:27[Info 297]: Driver inf file is installed successfully.05/15/17 10:55:31[Info 327]: Driver install component fails with error 0x80070002! Vi...

Broken_GP.PNG
Working_GP.PNG
ESutedy by L1 Bithead
  • 3495 Views
  • 2 replies
  • 0 Likes

Preventing Users from Terminating Global Protect Client (Task Manager)

New to Palo Alto and looking to utilize GlobalProtect to filter students offsite on their laptops. How have others gotten around the ability to kill the GlobalProtect client via Task Manager? Use GPO to prevent Task Manager usage? Just looking for best practices to configure this for the 2017-18 school year. Thanks in advance.

kraybr by L0 Member
  • 3158 Views
  • 3 replies
  • 0 Likes

New to the Training and Community

Hello All, As the title states, I am new to Palo Alto training and the Community. I have started the lab Firewall 7.1: Install, Configure, and Manage (EDU-101) and downloaded the lab guide. I would like to login to a device as it states on step 3: "3. Launch a browser and connect to https://<management IP" Where would I find this management ...

plosey68 by L0 Member
  • 2310 Views
  • 2 replies
  • 0 Likes

traffic flow

Hi, I have two zone (trust and trust),for trust to untrust traffic flow and untrust to trust , do I need to create two security rules ? Thanks

simsim by L4 Transporter
  • 4425 Views
  • 7 replies
  • 0 Likes

slowness in traffic

Hi,Users complain about the office365 outlook connectivity ,slow submission of email . From PA prespecive what need to be verified and make sure there is nothing from the PA side . Thanks

simsim by L4 Transporter
  • 2774 Views
  • 2 replies
  • 0 Likes

Is there a way to paste several IP addresses into an object group or policy?

Suppose I wanted to create object group "blob" with 10.10.10.5 .6 .7 8. .9 - and I'm working in the PAN GUI- is there a way to paste those five addresses into the address group? It seems like my only option is to clickAdd (obj group) Add (address) and then fill at least two fields Name and ip address/mask. I know I can do this out at the CLI. Bu...

ScrnGrab1360 170512 16.06.jpg
palomed by L3 Networker
  • 10254 Views
  • 5 replies
  • 0 Likes

Resolved! WannaCry - Kill Switch & DNS sinkholing

Why Palo is not sinkholing DNS queries to the kill switch URLs? Currently if I run a DNS lookup request for the kill switch URL, it come back with the valid DNS response. shouldn't this be sinkholed? When the guy "accidentally" found the kill switch, I thought, Palo would be able to do this as well. But alas, it didn't and still hasn't yet, I gu...

Fengrui by L2 Linker
  • 12897 Views
  • 5 replies
  • 0 Likes

OSPF adjacencies flapping caused by minor changes in Virtual Router.

Hello. There is a question about OSPF adjacency flapping caused by minor changes in OSPF process. I planned data-center deployment of PA-5060 HA-cluster. In this plan PA-5060 needs to be attached to OSPF AREA 0, and multiple NSSA areas in different security zones. Number of multiple areas non constant and in will be increasing in the future wit...

Resolved! Dshield blocking generic pulls

Saw this notice on the dshield page the other day that they will be blocking generic pulls from agents if they don't have contact info in the script. Still learning about minemeld but know dshield is one of the default miners and was just wondering how this information affects its use going forward? https://www.dshield.org/forums/diary/Read+T...

Resolved! AWS output/aggregator with unexpected missing indicators

Hello, I have a dev and prod instance of MM. Noticed both dev and prod behaving the same way, where many indicators were not showing up in output feed for AWS miners. Config on both is the following: nodes: aws_route53_miner: inputs: [] output: true prototype: aws.ROUTE53 aws_ipv4_output: inputs: - aws_ipv4_aggreg...

Resolved! Security Policies Clarity

What is the difference between pre rules and post rules ? None of my colleagues could answer this question upto my satisfaction.Can I expect expert comments ?

cmyakal by L1 Bithead
  • 4182 Views
  • 5 replies
  • 0 Likes

Resolved! External feed URL and minemeld update URL

In our environment, there is a PA between Minemeld and the Internet, so PA access control. Would you please tell me the subject URL and port number ? (A specific external feed becomes O365 is https://paloaltonetworks.box.com/s/gndwe5rzheg1ekwplxb4m3mrpcf5k41f) Regards, Naoya

  • 24401 Posts
  • 123 Subscriptions
Top Solution Authors
Labels