Threat detections of "Canonical ksmbd-tools ksmbd.mountd ndrwritebytes Heap Buffer Overflow Vulnerability(94951)" in Windows server traffic

Anyone else seeing the following alerts:
tcp,alert,"gpt.ini",Canonical ksmbd-tools ksmbd.mountd ndrwritebytes Heap Buffer Overflow Vulnerability(94951)

But this is being detected in traffic between 2 Windows server, so it doesn't make sense. Seems t

How to check NAT IP over-utilized or not?

Hi Mates,

We have particular Source NAT based on IP address and want to understand if there is any way to check the current utilization of IP's for NAT. This might help to add more IPs to prevent from overutilized.

Thanks in advance.

Ankit

PA-850 Static NAT between 2 Switches

Hello all.  Looking for help here.  I am trying to create a static NAT between two switches using a vwire, but it doesn't seem to be working.  Can someone please provide steps on how to make this happen?  I do not wish to insert routers between the s

SMB share - Right clicking shared folder and selecting folder properties

Hi all,

We have observed an issue with an SMB share which traverses our PA FW.

The initial rule was setup simply such that the client was allowed to access the remote SMB share in the firewall rule base by use of the inbuilt ms-ds-smb application

Monitoring Subinterfaces with zabbix

I would like to ask if you have experience with integrating Zabbix and Palo Alto FW. I have an issue with graphs traffic on subinterfaces as it is not accurate compared to the port connected on the other end. For example, on the switch port, I see 20

USER_ID mapping constantly changing with Zscaler App

Hi Team,

We are facing an issue where PA user authenticated access from ZScaler app connect servers is failing intermittently.

Access through PA FW to a server network using user authentication is failing intermittently when connections are made

PaloAlto to Watchguard Site to Site connects but passes no traffic to parts of the Watchguard site.

Looking to see if anyone has come across this issue. We have setup a site-to-site tunnel to another location. We have a PA460 running 10.7.h3 and the other location uses a watchguard firewall with NetMotion for their Vpn clients. When we connected, t

how to monitor encryption domains in VPN Palo Alto

Best regard

Equipment

We are currently experiencing an issue with one of our VPNS that we have configured against Azure on a 5200 series FW

The problem that arises is that of 10 configured domains, 5 are going down for no reason, since the traffic to

resources-unavailable issue

Hi,

I have PA3020 use PAN-OS 9.1.13. Sometime have Traffic failure occurs with the session end reason "resources-unavailable"

please help me for solution to fix 

Load Balancer Reply To Port Scan

Terraform Error:Invalid Credential

Hello,

I'm trying to run my first Terraform:

terraform {
required_providers {
panos = {
source = "PaloAltoNetworks/panos"
version = " 1.11.1"
}
}
}
provider "panos" {
hostname = var.panos_hostname
username = var.panos_username
password = var.panos_password
}

Policy to allow specific Windows share

I'm trying to find out if it's possible with a Palo firewall to allow access from a DMZ machine to a windows share on an internal file server, however, I would like to allow access to a specific share.  The file server on the internal network has sev

Facing an issue in a SD-WAN auto zone mapping to the Branch Firewall

Hi team,

I require assistance with Pan-OS SD-WAN. Upon adding a device to the SD-WAN devices, I proceeded to create an auto BGP policy for a branch location. However, when checking the policy for the branch device group, I observed that it added 'z