General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 280 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3161 Views
  • 2 replies
  • 14 Likes

Resolved! Using public range of IPs

I have a bit of a silly question to ask but my mind is drawing a blank on this.  If you have a connection from the ISP, say the static IP range is 14.1.1.0/30....their router is 14.1.1.1 and the PA FW will be 14.1.1.2.  Simple enough but what if they

...

ce1028 by L4 Transporter
  • 3958 Views
  • 6 replies
  • 0 Likes

File blocking

Dears,

I am not able to block msi file via file blocking profile.

I have created a file blocking profile to block msi and different types of file extensions to block by the policy.

Then I tried to open exe file in the chrome browser which is working fin

...

Jafar_Hussain_0-1606461774177.png
Jafar_Hussain_2-1606462014421.png
Jafar_Hussain_1-1606461839870.png

Resolved! Interzone Static Routing

Hi all, I'll preface this as I'm the sole networking guy at my job and I'm still green. Apologies for any dumb questions, I've tried to read the manual for relevant info and used my google-fu to no avail.

 

I'm using a PA-3020 on firmware 8.0.6.

 

I've b

...

Resolved! Status Incomplete

Hello,

what does this mean and how to solve it?

When doing an show arp all:

No MAC is displayed at an IP address.

 

Any help is welcome, thanks in advance 

 

 

Davevanwijck_0-1606816998706.png

user-id server monitoring error: NT code 0x800705af

Dear community,

 

I´m trying to add a new AD server to server monitor list in order to retrieve user-ip mappings and get the following error:

" WMIC message from server XXXXXXX: NTSTATUS: NT code 0x800705af - NT code 0x800705af "

 

Does anyone have any id

...

Carracido by L3 Networker
  • 1740 Views
  • 2 replies
  • 0 Likes

Resolved! Password Profile

Hi Experts

 

We need to setup a password profile with the no expiry condition for the service accounts which has read only privileges. Version is 8.1

 

1. If we set the Required Password Change Period (days) to 0 days, does it mean it's expired (with 0 d

...

Live Community members - we want your feedback!

While we may operate the community from day-to-day, the Live Community is really YOUR community. Sure, we may have ideas about what might be helpful or interesting but since the community is yours and exists to help you, we ALWAYS welcome your ideas,

...

Resolved! Office 365 App-ID

Hi, 

 

We are in the process of implementing office 365. May I know what is the correct APP-ID for the below services? Please share if there is any best practice document for this. 

 

Microsoft Stream
Audio Conferencing
My Analytics
Azure Active Directory
Az

...

Resolved! HA Cluster Network Topology

Hi Everyone,

 

I'm new to Palo Alto and now I plan to deploy 2 Palo Alto 5250 in HA Cluster mode, each firewall take place in a Data Center. This two Data Center is in same City. That why I think HA Cluster suitable in this situation. These 2 new firew

...

QuangLe by L1 Bithead
  • 7231 Views
  • 8 replies
  • 0 Likes

Lot of non-syn-tcp

Hi Experts,

we have a lot (I mean a LOT :-)) of non-syn-tcp traffic on our PA5220 cluster. The PA is in an enterprise company. 

 

Are we sure that the non-syn-tcp means that there is an asymmetric flow? Let me give you an example:

 

1) Host A sends a SYN

...

paboy1 by L0 Member
  • 4855 Views
  • 2 replies
  • 0 Likes

Resolved! PA 5220 aho and dfa offload

Do i need to enable  aho and dfa or not ?

 

Running 8.1.9 on PA 5220

 

debug dataplane fpga state

aho offload not ready

dfa offload setup
Use software only

 

MP18 by Cyber Elite
  • 5017 Views
  • 7 replies
  • 0 Likes

PA and ASA n route mode

Hi,

I have the below topology  

PA and  ASA are in routed mode . 

The first question is the design is valid? 

I am facing a problem in this design 

ASA says the secondary is failed  ,primary asa says the secondary and dmz zone interface failed 

 

 

 

Thanks

pa-cisco.jpg
simsim by L4 Transporter
  • 1725 Views
  • 2 replies
  • 0 Likes
  • 24090 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels