General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 85 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3328 Views
  • 2 replies
  • 14 Likes

Palo Alto Application ms-office365-base not working

Hello Everybody,

 

i thought i try the community for a change with my problem.

One of our departments recently asked for a policy change, so their server could access a ressource in the internet.

The rule is as simple as it gets. Source is their Serv

...

Matching HIP in Decryption Policy

Anyone doing this? It is configurable in the policy itself but isn't referenced in any documentation. The firewalls seem to ignore the HIP profile configured in the decryption rule when matching/not matching traffic. 

 

When I configure the rule to mat

...

ccscott by L2 Linker
  • 4254 Views
  • 11 replies
  • 0 Likes

Log forwarding profile for Correlated Events?

Hello all,

 

It appears that we have had at least a single correlated event in the past seven days, but did not recieve any alert related (via any configured log forwarding profile).

 

It appears the each match that was correlated did perform a log actio

...

PAN 10.2 (PA850) high memory usage normal?

I've just started upgrading our firewalls from 9.1.16 to 10.2.7 and noticed the first (and so far only) firewall pair upgraded caused an enormous jump in memory consumption.  Is it normal for version 10.2.7 on a PA850 to consume 68-70% of memory?  Th

...

Screenshot 2023-11-18 215103.jpg
Screenshot 2023-11-18 215527.jpg

Palo Alto Clearpass integration disconnecting

We are looking to utilize Cleaspass sending information to ours Palos for the purpose of user-id. We have this applied in some test groups but we are running into an issue where after a few days the connection appears to time out and the Palos stop r

...

Claw4609 by L4 Transporter
  • 245 Views
  • 0 replies
  • 0 Likes

GlobalProtect: Port 4501 UDP

Hi all,

 

I understand that GlobalProtect uses TCP 443 and UDP 4501... But what is there any more information available about GlobalProtects usage of port 4501?  All I could find is the following:

 

  • TCP/443 for the SSL communication
  • UDP/4501 for tunne
...

mmclimans by L3 Networker
  • 29326 Views
  • 3 replies
  • 0 Likes

Resolved! Clarification on Web-browsing App

I just need to clarify whether if allowing Web-browsing on a policy would be enough to allow both http(80) and https(443) traffic, ( i.e I don't need to allow both web-browsing and ssl) as it has port 443 as secure port.

Thanks

Web-browsing app.PNG
SDon by L0 Member
  • 616 Views
  • 2 replies
  • 0 Likes

Unable to download new firmware for Lab PA-220

Hello,

 

We are using a PA-220 on version 9.0, its unlicensed, had a real issue getting a new license because the PA-220 was previously purchased off Ebay so we use it now for basic configs now.

 

 

How do i get the newest firmware for this? I went u

...

OID of throughput value of each interface

I've seen several posts that asking the same question, but none of them have provided substantial suggestion. Many replies just suggest to use existing templates of Cacti or Zabbix. What if I'm not using those 2 monitoring tools?

PA has published an O

...

jeremylo by L3 Networker
  • 4018 Views
  • 5 replies
  • 0 Likes

SNMP OID for session throughput

Hello

does anyone know if there is an OID for the session throughput (show session info > throughput)?
I would like to monitor that on my firewalls without offloading to get an idea of their load with respect to the max throughput from the tech specs

...

Resolved! Device Certificate - Where to find OTP?

Under Device -> Setup -> Management -> Device Certificate, I am unable to fetch the device certificate.

 

A message box says get your one-time-password from the Customer Support Portal and enter it below.  I tried my 2-factor OTP that I use to login to

...

SQL and Terminal Services agent

Hi all,

I'm seeing some odd behaviour with apps that use SQL where the app is on a terminal server. The terminal server has an app installed and works perfectly when the PAN TS agent is not running. When the agent is started, the application throws up

...

UKRB by L3 Networker
  • 4434 Views
  • 8 replies
  • 0 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels