General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 85 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3328 Views
  • 2 replies
  • 14 Likes

SSL Inbound // decrypt-unsuppot-pram

What can i do here..Is it something we have to fix on server side or firewall.

 

Not Working, Block sessions with unsupported cipher suites, Selected.

Protocols allowed min SSL3.0 to MAX

 

 

Working, with Block sessions with unsupported cipher suites, Un-s

...

raji_toor_1-1593023342068.png
raji_toor_0-1593023022338.png
raji_toor by L4 Transporter
  • 2223 Views
  • 3 replies
  • 0 Likes

Session Keep Alive packet size

 Good Afternoon Community!

 

I believe there is a minimum packet size for an application keep-alive packet for Palo Alto to register a session match. I am just having a hard time finding that documentation.

 

Does anyone know and could share or am I mist

...

Multiple MFA vendors at the same time

Good morning,

We are currently using Symantec VIP for MFA with our PA. Management would like to move to Okta and would like to know if both can be used at the same time? 

 

Thanks,

Steve

Block Dynamic Domain from Security Rulebase

Already the specified Malicious URL getting a block from URL Filtering and detected in Threat Prevention with action.

it’s a dynamic FQDN/IP that has to block from the security rule base too, but the does not want to add each IP to block as he receive

...

Resolved! File Blocking profile

Currently we can only see the logs for the files being blocked.

Can we set up the logs to allow us to see the successful transfer of a file?

 

Does Alert/Continue Action of File Blocking Profile log entry in the Monitor > Logs > Traffic?

 

 

TaxiiDataFeed HTTP Compatibility

I enabled http instead of https on nginx. However, I see still https url when I discover taxii feeds on Minemeld side.  Is it possible to disable https on taxiiDataFeed output.

 

https://1.1.1.1/taxii-discovery-service

https://1.1.1.1/taxii-collection-m

...

Resolved! how to configure HA in PA VM-500 deployed in ESXi

How we can configure HA2 for PA-VM Active passive deployment in ESXi.

 

Can we use ip-address from mgmt network to use it for HA2 on both firewall.

eg. 1.1.1.1  - Active firewall mgmt ip

      1.1.1.2 - Passive firewall mgmt ip

      1.1.1.3 - HA2 ip addr

...

Deepak_K by L3 Networker
  • 2267 Views
  • 1 replies
  • 0 Likes

Bricking a firewall?

Ok, I am not surprised in life that an upgrade can go wrong.  Happens on many different technologies.  But I recently had my over $60k PA5220 firewall brick going from 17.x to 18.x.  And that was after getting advice from PA support before doing the

...

tyler by L1 Bithead
  • 1698 Views
  • 1 replies
  • 0 Likes

Trend Micro DDD can not discover collections

Dear ALL,

 

I configured Trend Micro DD Director to update IOC from MineMeld TaxiiDataFeed.

 

Here are the details:

- I enabled http on nginx in addition to https service. Both works fine. 

- When I check the taxiiDataFeed with the following command, it wo

...

Aggregation of ethernet on PA-4050 with Cisco switch

Hi,

I am trying to get an aggregation link up between a Cisco and PA-4050 switch (v3.1.2). I have two link in the group and have configured L3 sub interfaces to seperate VLANs. I am able to send traffic across these links but they are clearly not func

...

Palo Alto Zone Primer

Hi All!

 

I've recently been creating video guides on Palo Alto Topics. This time I've started on zones.

This includes why we use zones, how they help, and some advanced features that PA have (zone protection profile and packet buffer profile).

 

If you'r

...

Luke_R by L2 Linker
  • 2536 Views
  • 1 replies
  • 1 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels