General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 409 Views
  • 0 replies
  • 2 Likes

SMTP recipients per minute

Is there a limit on the number of smtp recipients per minute that can be processed by a PA? I've seen other firewalls with limits, depending on the size, so that the impact of worms can be negated.

RFalconer by L3 Networker
  • 3436 Views
  • 6 replies
  • 0 Likes

Resolved! LDAP Server as FQDN in LDAP Server Profile

Hello,

 

When FQDN (port 636) is used in the Address field, user cannot connect. Gets error: LDAP auth server is down!

What settings need to be applied so that LDAP server profile can use FQDN besides IP address?

 

Thanks in advance.

 

Farzana by L4 Transporter
  • 5801 Views
  • 4 replies
  • 0 Likes

Resolved! 'ascii' codec can't encode characters

Hi!

 

0.9.26 is a great update - thanks for the hard work. Already using the CIF miner and enjoying the live UI updates.

 

I'm seeing a a bunch of these errors in my engine log:

 

 

2016-10-28T21:31:15 (30348)amqp._callback ERROR: Exception in handli...

Question to app dependencies

Hi guys!

I'm new to Palo Alto.

Scneario:

I make a new rule from an inside zone to the internet with the app gmx-mail.

gmx-mail depends on web-browsing and ssl.

Do I have to add web-browsing and ssl to this rule to make gmx-mail work?

Or could I make anothe

...

MPI-AE by L4 Transporter
  • 2219 Views
  • 5 replies
  • 0 Likes

Can't seem to connect to Cisco ASA

Using the following Phase 1 settings:

 

I keep getting this error:

Received unencrypted notify payload (no proposal chosen) from IP x.x.x.x[500] to y.y.y.y[500], ignored...orIKE phase-1 negotiation is failed. Unable to process peer’s SA payload.

Check th

...

Capture.PNG
dclaro by L0 Member
  • 3538 Views
  • 3 replies
  • 0 Likes

Surveillance system

Has anyone here used a surveillance system?? I'm in need of a security system, but I don't have any idea on how to select the best one. I recently happened to read an article http://www.fire-monitoring.com/ip-cctv-moving-future/ and thought it will b

...

ConMac by L0 Member
  • 1827 Views
  • 2 replies
  • 0 Likes

Skype for Business using App-ID?

Does anyone have a definitive list of which applications are required for 365 hosted Skype for Business to work please?

 

I'm using MineMeld to product a dynamic block list of the 365 Skype for Business IP ranges published by Microsoft and I've settled

...

Multiple WAN Interface Setup, different zones

Hi all

 

I'm struggling to configure a VM-200 with multiple WAN interfaces. I've read a few forum posts on the subject and I understand the suggestions (PBF, 1:1 vs 1:Many NAT, etc) but the situation I'm in is a little different.

 

We are running the VM-

...

Send OSPF default route with PBR

I have a network were what I would like to have happen is that the PAN device tracks its connection to the internet and as long as that is alive send a default route to its neighbor.  If that fails i would like it to stop sending that default route s

...

Redundant IPSEC VPN with cisco and VPN monitor

Hello Experts

 

I have PA on hub site and Cisco ASA at spoke site. At hub site, I have two ISP links, and ASA establish two IPSEC VPN with hub PA through both ISP, one IPSEC is primary and other is backup

 

Now to failover, I am thinking to use VPN monit

...

Resolved! IPSEC VPN negotiation without traffic

Hello Experts

 

Is there any option to initiate a IPSEC VPN without passing actual traffic. Like in Juniper SRX, there is option "establish-immediately" or in Juniper Netscreen "rekey" option 

 

Regards,

 

GR

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels