Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
24294 PostsThe Custom Signatures discussion is a resource for security professionals to discuss the creation process of custom signatures in their PAN-OS appliance.
175 PostsHave you encountered a false positive verdict for Palo Alto Networks (Known Signatures) on VirusTotal? Use this forum to submit a verdict change request. Change requests should include the File Hash, Link to VirusTotal report, current VirusTotal verdict, and description.
780 PostsPost questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to all things Network Security.
5728 PostsPost questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Palo Alto Networks’ Cloud Delivered Security Services.
646 PostsPost questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Prisma Access and Prisma SD-WAN.
550 PostsPost questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Prisma Cloud and Cloud Identity Engine discussions.
470 PostsPost questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.
3952 PostsHi,looking for API for adding exceptions, is it exists ?I'd like to add programmatically exceptions which are done by UI > Settings > Exception Configuration > Legacy Agent Exceptions > Add Rule
Question regarding PA-440 and failover. How can I setup a failover in a PA-440 between two physical ports on that PA-440 firewall. For example: If Eth1/7 was connected to a cradlepoint and port 8 was a ipsec tunnel. What is the proper way to config pa-440 to failover from cradlepoint to another interface going over ipsec tunnel? Can the fi...
I wanted to find out if anyone has had issues with running 6.5.1-b5 on their ION's (3000/3200/9000). We have been running this version since late October. We receive random reports of slow performance and we can't figure out where the issue lies. I'm not singling out the ION's or the software version because we have had these reports before we u...
Hi everyone! Good Afternoon, I'm from Brazil, and my organization have two appliances PA 3220 in HA. This morning we've noticed some suspicious traffic exiting our network with IPv6 ::b638:2a0a:ffff:0 (for example), there was more than one those IPv6. The payload was huge, something about 4.2GB. This can be an exfiltration data attack? Could ...
Hello all, I am trying to setup SSO on my XDR tenant but I am getting the following message when login inUnauthorized. Unauthorized - 4010507 In the console "Management Audit Logs" i see the below logs: Custom Idp Saml User Invalid Error | invalid user: email address missing or misconfigured, please verify SAML attributes mapping I followed th...
Hi All, I hope you are doing well. I am testing a scenario in my lab. I have AD configured with user-id agent installed on that AD server. I am login into machine with upn name (ankur@ankur.local) but in firewall user-id logs I see ankur\ankur. I user-id agent logs, I see below logs:01/30/26 14:09:41:236[Debug 398]: UserIpMap: IP 192.168.220.62 ...
Hi All, PAN-OS version: 11.1.10-h1 GlobalProtect Agent version: 6.3.3-711 We experiencing on the all MAC OS with The connection cannot be established and the following error message is displayed:“The network connection is unreachable or the portal is unresponsive. Check the network connection and reconnect.” We able to resolve for the olde...
Attention: Global TPM team, I have several questions about the Advanced DNS Security Resolver (ADNSR) licensing and region support. In the activation documentation, I noticed the instruction “Select a Region where you want to deploy your product.”Advanced DNS Security Resolver Activation However, I could not find any documentation descri...
Hello everyone, I have a user who I removed form all VPN LDAP authentication groups about a week ago and they are still able to connect to the VPN. I was thinking it may have to do with the cookie re-auth but we have it set to expire after 24 hours. I am at a loss as to why they are still able to connect. I was hoping someone has had a simila...
Hi There,I would like to establish an IPSEC VPN connection between the Palo Alto firewalls and the Fortigate. This setup is necessary to allow remote access to the Palo Alto firewalls from the Citrix servers. This is for Management connectivity.The inquiry is, IPSEC VPNs are generally configured to facilitate the passage of data traffic1. I want...
Hello Team, I'm currently dealing with an issue where UIA is unable to validate certification. The certificate does not have a SAN setting. I plan to change the certificate to one that has both CN and SAN set, but have not been able to do so yet. The certificate validation has occurred since applying an OS patch, so I have asked the OS ven...
How to create BIOC rule for AD machine account. Example if someone use net use command. so how to create alert for this use case ?
Attention: JAPAC TPM TeamHello Team, I am testing the Prisma SASE Aggregate Monitoring APIs(https://pan.dev/sase/api/mt-monitor/) and encountered an issue. When calling the “Get number of users at location(s)” endpoint:https://api.sase.paloaltonetworks.com/mt/monitor/v1/agg/locationsUsersusing the “User Count across Locations” operation, I co...
Hi support, I plan to perform firmware upgrade from 11.1.6-h3 to 11.1.10-h10. May i know version 11.1.10-h10 is stable version? or you can recomend which version is stable? and please provide guide step by step to upgrade from version 11.1.6-h3
Hi everyone,I’m looking for some guidance on whether it’s possible to forward Cortex datasets to a dedicated syslog server for long‑term retention. Has anyone successfully done this, or is there a recommended method?I’m also considering using Microsoft Sentinel as a destination, but I’m not sure if all Cortex datasets can be pushed there.Any ins...
| Subject | Likes |
|---|---|
| 6 Likes | |
| 4 Likes | |
| 4 Likes | |
| 2 Likes | |
| 2 Likes |
| User | Likes Count |
|---|---|
| 13 | |
| 10 | |
| 6 | |
| 4 | |
| 4 |
