Testing nmap protection

I have a PaloAlto firewall in a virtual environment. I am trying to test my nmap protection rules and test the number of cps I should be using, but for some reason I cannot ping the interface I want to test my nmap on from an external machine. I can ping the external machine from both the Palo CLI and the workstation terminal, but even with an a...

Threat detections of "Canonical ksmbd-tools ksmbd.mountd ndrwritebytes Heap Buffer Overflow Vulnerability(94951)" in Windows server traffic

Anyone else seeing the following alerts:tcp,alert,"gpt.ini",Canonical ksmbd-tools ksmbd.mountd ndrwritebytes Heap Buffer Overflow Vulnerability(94951) But this is being detected in traffic between 2 Windows server, so it doesn't make sense. Seems to be a false positive.

How to check NAT IP over-utilized or not?

Hi Mates, We have particular Source NAT based on IP address and want to understand if there is any way to check the current utilization of IP's for NAT. This might help to add more IPs to prevent from overutilized. Thanks in advance. Ankit

PA-850 Static NAT between 2 Switches

Hello all. Looking for help here. I am trying to create a static NAT between two switches using a vwire, but it doesn't seem to be working. Can someone please provide steps on how to make this happen? I do not wish to insert routers between the switches, and wasn't sure if this was possible. I'm new to networking and firewalls, and have bee...

SMB share - Right clicking shared folder and selecting folder properties

Hi all, We have observed an issue with an SMB share which traverses our PA FW. The initial rule was setup simply such that the client was allowed to access the remote SMB share in the firewall rule base by use of the inbuilt ms-ds-smb application container. Client was able to browse to the folder fine and upload/download files fine with no...

Monitoring Subinterfaces with zabbix

I would like to ask if you have experience with integrating Zabbix and Palo Alto FW. I have an issue with graphs traffic on subinterfaces as it is not accurate compared to the port connected on the other end. For example, on the switch port, I see 20Mbps traffic in, but on the Palo Alto interface connected to that same switch, I see 1.2Mbps traf...

USER_ID mapping constantly changing with Zscaler App

Hi Team, We are facing an issue where PA user authenticated access from ZScaler app connect servers is failing intermittently. Access through PA FW to a server network using user authentication is failing intermittently when connections are made from a pair of ZScaler app connector servers. CLI command "show user ip-user-mapping ip-address-o...

PaloAlto to Watchguard Site to Site connects but passes no traffic to parts of the Watchguard site.

Looking to see if anyone has come across this issue. We have setup a site-to-site tunnel to another location. We have a PA460 running 10.7.h3 and the other location uses a watchguard firewall with NetMotion for their Vpn clients. When we connected, the clients running NetMotion can't reach applications or the local network can't, this depends on...

how to monitor encryption domains in VPN Palo Alto

Best regard Equipment We are currently experiencing an issue with one of our VPNS that we have configured against Azure on a 5200 series FW The problem that arises is that of 10 configured domains, 5 are going down for no reason, since the traffic to these encryption domains is constant and this has generated different types of incidents. Do you...

resources-unavailable issue

Hi, I have PA3020 use PAN-OS 9.1.13. Sometime have Traffic failure occurs with the session end reason "resources-unavailable" please help me for solution to fix

Load Balancer Reply To Port Scan

Terraform Error:Invalid Credential

Hello, I'm trying to run my first Terraform: terraform {required_providers {panos = {source = "PaloAltoNetworks/panos"version = " 1.11.1"}}}provider "panos" {hostname = var.panos_hostnameusername = var.panos_usernamepassword = var.panos_password} variable "panos_hostname" {type = stringdefault = "192.168.1.101"} variable "panos_username" {ty...

Policy to allow specific Windows share

I'm trying to find out if it's possible with a Palo firewall to allow access from a DMZ machine to a windows share on an internal file server, however, I would like to allow access to a specific share. The file server on the internal network has several internal use shares. I need a place for a DMZ hosted app to dump files on an internal serve...