This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Management inteface send packet port 137 to broadcast public IP

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Management inteface send packet port 137 to broadcast public IP

Go to solution
Register_Security
L3 Networker

‎08-23-2013 01:05 AM

Hi all,

I monitor traffic on management interface of 3020, I have seen so many packet from management IP to an broadcast IP

Aug 23 14:49:24 192.168.1.15:35889  203.77.255.255:137  UDP
Aug 23 14:49:24 192.168.1.15:52601  203.77.255.255:137  UDP

I try to stop all service on management interface but it is not affect.

Please help me to stop these packet.

Thanks,

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
Register_Security
L3 Networker
In response to sjamaluddin

‎09-17-2013 03:29 AM

Thanks for all reply.

I found and fixed the problem.

The reason is PAN auto enable "Microsoft Active Directory" my domain.

ad-detect-enable.png

View solution in original post

0 Likes Likes
4 REPLIES 4

Go to solution
mikand
L6 Presenter

‎08-26-2013 01:27 AM

Do you have userid setup, that is if your PA-3020 is trying to reach some AD machine?

0 Likes Likes

Go to solution
mbutt
L5 Sessionator

‎08-26-2013 03:32 PM

Do you have user id enabled on public zone.

Here is a doc which explains why you might see alot of traffic to random public ip address with port 137.

https://live.paloaltonetworks.com/docs/DOC-4705

Let us know if this helped you resolve your issue.


Thanks

Numan

Go to solution
sjamaluddin
L4 Transporter

‎08-28-2013 02:56 PM

Have you made this PAN firewall part of an AD domain? UDP port 137 appears to be some NETBIOS traffic and its unlikely that the management port will be spewing that out unless this PA has been included as a domain device.

0 Likes Likes

Go to solution
Register_Security
L3 Networker
In response to sjamaluddin

‎09-17-2013 03:29 AM

Thanks for all reply.

I found and fixed the problem.

The reason is PAN auto enable "Microsoft Active Directory" my domain.

ad-detect-enable.png

0 Likes Likes
  • 1 accepted solution
  • 5778 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks