Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 90 Views
  • 0 replies
  • 0 Likes

Resolved! Pulling in users directly from ADDS?

I have a requirement to pull in our users from Azure AD (or AADDS depending on the solution) into Prisma Cloud in order to create policy rules based on the source user/group but I'm unsure as to which method I would need to set this up? (Device\LDAP,

...

cra1901 by L0 Member
  • 4100 Views
  • 6 replies
  • 0 Likes

Directing SMTP Traffic to VPN Tunnel

Hello Team,


I am new to this kind of issue and need suggestions as I need to execute the same in my Organisation. I would like to know if we can direct the SMTP Traffic (Outlook Mails) to our IPsec VPN Tunnel without disturbing any other application

...

mkd1995 by L0 Member
  • 2021 Views
  • 2 replies
  • 0 Likes

CIS Control 13.5 - Unauthorized use of encryption

Looking for input on this one. From a Palo Alto perspective, what would be the best way to monitor for encrypted traffic in general? Need a way to make sure we're specifically able to point to traffic that was encrypted and provide a report or show t

...

HTTP Server Profile > Payload Format

Hi Everyone,

 

Device > Server Profiles > HTTP
I created a server profile, however, My curl request is not working, Can you kindly provide any information about how can I fill those fields (Headers, Parameter information and Payload)? How can I translat

...

PayloadFormat.jpg
laelijr by L0 Member
  • 3307 Views
  • 1 replies
  • 0 Likes

Windows Remote Assistance

Hello,

 

I'm fairly new to PAN after years with other  vendors.

We're using Windows Remote Assistance in the network. This requires allowing the ms-rdp application between the network from which we want to assist and the target network. When I try to

...

VPN S2S Site with Dynamic IP and site with FQDN ( DynDNS )

VPN S2S Site with Dynamic IP and site with FQDN ( DynDNS )

 

Good afternoon, is it possible to set up a Site-to-Site VPN between a site with a dynamic Public IP and a site with a DynDNS FQDN.

PaloAlto----IP-Dynamic Public----Internet-VPNIPSEC-----PaloAl

...

Metgatz by L4 Transporter
  • 2060 Views
  • 1 replies
  • 0 Likes

Decryption Log Forwarding

I upgraded to PanOS 10.0.6, and am trying to forward decryption logs via email.  If I go to monitor -> decryption, then I see a bunch of rows where zone.src eq untrust and zone.dst eq untrust and ( proxy_type eq GlobalProtect ), application is incomp

...

GP gateway getting ignored

 

I have one of the users getting the below error in the PanGPS log

 

ignore gateway gateway.####.com , duration time is 0xFFFFFFFF, priority=1
gateway.####.com -1ms

 

This user is located near the mentioned gateway, How to make this work for GP Client not

...

Sambhu21 by L1 Bithead
  • 1971 Views
  • 2 replies
  • 0 Likes

SSL Decryption and www.apple.com

We are testing SSL decryption and are finding that Macs are getting a certificate warning page when visiting https://www.apple.com.  The warning says "This website may be impersonating "www.apple.com" to steal your personal or financial information".

...

jambulo by L4 Transporter
  • 3022 Views
  • 1 replies
  • 0 Likes

Able to see other peoples traffic on Comcast

Is there anyone else that has Comcast Fiber circuits that is able to see other people's traffic on the public interface?

We have been POC'ing the DNS Security License on several FW's once we turned  it on we are seeing a large amount of DNS Tunneling

...

PanOS 7.0.7 - Commit failed

Good day,

 

I have an HA pair on PanOS 7.0.7 (it will be upgraded soon). Someone did a small oopsies and upgraded the apps and threats to the latest not realizing that PanOS 7.0.7 can't handle the 4 digit names

 

I tried reverting back to the one that wa

...

RayLim by L0 Member
  • 2024 Views
  • 2 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Top Liked Authors
Labels