This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
- Panorama
- AIOps for NGFW
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- Cloud NGFW for AWS
- CN-Series
- VM-Series:
- Private Cloud
- OCI
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
- Cortex Xpanse
Security Operations
- Resources
About as-mg
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About as-mg
06-23-2022
50Posts
14Likes
4Solutions
Jun 23, 2022Last Visited
User
Activity
User
Profile
Latest posts by as-mg
| Subject | Views | Posted |
|---|---|---|
| 867 | 05-10-2022 11:48 AM | |
| 990 | 05-10-2022 11:14 AM | |
| 1004 | 05-10-2022 11:09 AM | |
| 1454 | 10-29-2020 02:15 AM | |
| 9199 | 06-05-2020 01:36 AM |
My Liked Posts
| Subject | Likes | Posted |
|---|---|---|
| 1 Like | 05-10-2022 11:09 AM | |
| 1 Like | 11-13-2018 12:04 AM | |
| 1 Like | 11-13-2018 05:32 AM | |
| 1 Like | 06-05-2020 01:36 AM | |
| 1 Like | 01-14-2019 11:33 PM |
Posts I Liked
| Subject | Likes | Author | Latest Post |
|---|---|---|---|
| 2 Likes | |||
| 1 Like | |||
| 1 Like | |||
| 1 Like | |||
| 2 Likes |
User Badges
Community Statistics
| Member Since | 06-26-2013 12:35 AM |
| Date Last Visited | 06-23-2022 05:07 AM |
| Posts | 50 |
| Total Likes Received | 14 |
05-10-2022
11:48 AM
@KMcKenna Please let us know if they provide a workaround or a fix for the issue. Fingers crossed the update either get fixed or pulled tonight, so I won't have to deal with this when each endpoint boots tomorrow.
... View more
05-10-2022
11:14 AM
This alert just trigged on my personal device when updating to content version 500-90199. Sooo... rollback, please?
... View more
05-10-2022
11:09 AM
1 Kudo
Hi, We're seeing the same here as well. End users are shown no application name, but digging through the incidents in the console shows that it's killing of Smss.exe, which is the System Center Configuration Manager agent. All endpoints generating alerts are running 7.7.0.60725 here. Looking through the timeline there seems to be no evidence of foul play.
... View more
10-29-2020
02:15 AM
We're seeing a similar issue on PANOS 9.0.11 - traffic to Google.com searched first hits an IP address, which is being blocked due to the IP being classified as Unknown. After about 10-20 seconds of waiting, the user is redirected to Google, and no error message is shown to the end user. In the URL Filtering log in the firewall web UI the category and category list for the IP address is search-engines and search-engines,low-risk. A URL test from the CLI lists the IP as unknown. The traffic is identified as google-base. This started happening after upgrading from PANOS 8.1 to 9.0, and I have a theory that this is related to HTTP/2 inspection, which wasn't supported at 8.1. A similar issue, PAN-137387, should've been resolved in 9.0.9: "Fixed an issue where URL filtering used the IP address instead of the hostname, which led to incorrect URL categorization." Have anyone experienced the same on 9.0, and were you able to resolve it?
... View more
06-05-2020
01:36 AM
1 Kudo
I've created support cases with this issue in the past, for different versions of PANOS and different hardware, and each time I've gotten the same response that goes like "SMB creates a lot of packets, which will slow down traffic when we need to inspect it" . As mentioned in my previous post, app override is not an option for us, and we've tried disabling DSRI for all the rules which are using SMB without any large benefits. We're seeing around 15-20MB/s on gigabit links onthe current TAC recommended 8.1 release. If anyone has found any way to resolve this issue, please share.
... View more
- Tags:
- m su
01-14-2019
11:33 PM
1 Kudo
@OtakarKlier wrote: Hello, I also saw this last week. I just checked again and it seems to be working. I would say give it a try and if it still is not working, open a case so they can work on it. Regards, Yup, it seems to have been resolved now. Time to go submit a couple dozen sites.
... View more
- Tags:
- p
01-14-2019
06:07 AM
For about the last week https://urlfiltering.paloaltonetworks.com/ has been broken in way that makes it impossible to submit reclassification requests. I have several sites that I'd like to reclassify, but I have been unable to do so. When will this be resolved? One of the issues is that a JavaScript is being loaded over plain http, so at least that one should be easy to fix.
... View more
11-13-2018
05:32 AM
1 Kudo
I just set up our PA-200 lab unit to do a basic test between two Windows 7 workstations, and noticed the same on PANOS 7.1. Have anyone managed to speed up SMB transfers on PANOS, or do we just have to deal with this? I'm getting anywhere between 4 to 8MB/s on the firewalls, and close to 100MB/s when doing the application override. Could anyone share some benchmarks for their own production environments?
... View more
11-13-2018
12:04 AM
1 Kudo
We're currently having some issues with ms-ds-smb (both v2 and v3) traffic on our PA-3020's (active/passive pair), where we are seeing a 97% speed decrease measured against direct traffic. In order to determine the source of the issue, I have tried to disable server response inspection and all the security profiles, but I'm still getting speeds around 3-4MB/s. If I create an application override rule for tcp/445 I'm suddenly seeing around 100MB/s. I don't really expect 100MB/s with threat protection enabled, but 3-4MB/s makes it seem like we're hitting a bug, and the firewall is far from overworked in terms of sessions and dataplane CPU usage. Have anyone else had issues with SMB on PANOS 8.1? This has been for the last couple of versions, and we're currrently running 8.1.4.
... View more
11-12-2018
11:57 PM
1 Kudo
As @ShaiW mentioned, if this is a HA setup, take a look at both firewalls. The times we've had issues with this in our environment, the solution has been to go in and delete the failing content on the passive firewall, and manually download and install it so both firewalls are in version sync. After this automatic installation started working again.
... View more
07-02-2018
02:19 PM
Hi, We've just started to try out Traps 5.0 for a small number of agents, migrating from our on-premise 4.2.0 installation. Since we are based in Europe, we've chosen EU as our datacenter location, and company.traps.paloaltonetworks.com resolves to IP addresses hosted on AWS in Germany. However, the agents all connect to ch-company.traps.paloaltonetworks.com, which is hosted on AWS in the USA. Is this an oversight, or is there hardly any data transfered to the ch-prefixed fqdn? If all the traffic is passing trough American servers this means its suddenly under US jurisdiction. I'm by no means an expert on the law behind this, so I'm open for any discussion.
... View more
05-16-2017
03:55 AM
Hi, We are seeing an influx of phishing mails trying to send users to sites hosted with free web hosting services. On of the things we've done to combat phishing is blocking access to unknown domains, but every subdomain of a free web hosting provider is currently being classified as "Web Hosting", causing users to be allowed access to them. In order to combat this even further, would it be possible to split free and paid web hosting into two different URL categories?
... View more
05-16-2017
03:47 AM
This issue seems to have been a single incident, I have tried upgrading several other computers to 1703 without any issues.
... View more
04-26-2017
11:11 PM
We're currently running 3.1.6, I have also opened a support case with Palo Alto regarding this issue. In the past we've seen issues with the localized names of ethernet adapters causing issues for GlobalProtect, and this could be related as it fails to do netsh on the interface. I'll give an update as soon as I've heard back from Palo Alto. (T6972) 04/26/17 09:24:40:925 Debug(3308): cmd = cmd /C netsh interface ip set address 5 static 192.168.0.190 255.255.255.255> "C:\Program Files\Palo Alto Networks\GlobalProtect\tmp.txt"
(T6972) 04/26/17 09:24:41:072 Debug( 118):
(T6972) 04/26/17 09:24:41:072 Debug(3321): cmd = cmd /C netsh interface ip set dns 5 static 192.168.0.1 validate=no > "C:\Program Files\Palo Alto Networks\GlobalProtect\tmp.txt"
(T6972) 04/26/17 09:24:41:110 Debug( 118):
(T6972) 04/26/17 09:24:41:110 Debug(1715): number of route is 2
(T6972) 04/26/17 09:24:41:110 Error(1747): SetIpForwardEntry(0.0.0.0) failed (The system cannot find the file specified.)
(T6972) 04/26/17 09:24:41:125 Error(1747): SetIpForwardEntry(192.168.0.1) failed (The system cannot find the file specified.)
... View more
04-26-2017
01:36 AM
Hi, I recently had a collegue who installed Windows 10 1703, also called the Creators Update. After the update GlobalProtect appears to be able to connect to the gatway, but it fails to retrieve an IP address and DNS servers from the firewall. Have anyone else had this issue, and have anyone been able to find a solution? I will try to have him do a reinstall of the GlobalProtect client and see if that resolves the issue.
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-23-2022
05:07 AM
|
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks