This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4472 Views
  • 0 replies
  • 0 Likes

Resolved! Feature Request

Can we get a widget that shows status and performance metrics of user and ipsec vpns? Status is hard to find (and not on one pane), and there are no performance metrics at all.

Unable to connect to https://login.microsoftonline.com

hiThe whole company behind PAN firewall is unable to connect to https://login.microsoftonline.com.no blocked page, just "sign in to your account" web portal but no place to login. Firewall does not show any blocked/dropped connection to this URL.I create a brand new test rule, put on top of the rule sets but no luck. Any suggestions/idea appreci...

SSL decryption and browsers behaviours

Hello, We are planning to perform SSL Decryption for overall Web Traffic (we are a public organization of around 5000 users). We have started several tests by implementing SSL Decryption Best practice like not decrypting "Financial Services" and "Health" categories. However we are facing common issues with browsers that often states that connexi...

ie_manor_ssl_no.JPG
ie_manor_ssl_yes.JPG
ie_migros_ssl_no.JPG
ie_migros_ssl_yes.JPG

Resolved! Wildfire & ZIP files

When I have the PE type selected for Wildfire are ZIP files sent to be scanned if they contain EXE files? I thought they were, but figured I would ask.

nthen by L3 Networker
  • 10731 Views
  • 9 replies
  • 0 Likes

Resolved! Security Policy Exception

Has Palo Alto looked into the capability for security policies to be built using an exception based logic. For example: Src: 10.0.0.0/8 (except) 10.100.0.0/24 Dst: ** App: ** etc.... This would then allow all 10. traffic except for the 10.100.0.0/24 subnet This is a function available in Checkpoint and some other platforms that has been very hel...

Blocking/Alerting on Web Sessions to IP Address Formatted URLs

One of my customers has asked if it is possible to block and/or alert upon HTTP or HTTPS connections that are made directly to an IP address instead of a dns name. The specific IP addresses or DNS name is not defined, they would just like to alert upon this behavior any time it is seen since some malware can be hard-coded with IP addresses and ...

palalto-updates vs ssl

After years of content update traffic showing up in traffic logs as paloalto-updates application, this traffic suddenly started showing up in traffic logs as ssl application. This all started at approximately 6:40pm Eastern time on 4/1/2017.Has anyone else experienced this and if so do you have any idea why this is?

herrmoss by L2 Linker
  • 3319 Views
  • 3 replies
  • 0 Likes

Resolved! Wildfire file-size-limit

Just installed PANOS6 on a PA200 platform.Did a change at the configuration and tried to commit. While commit I get the message:Validation Error:deviceconfig -> setting -> wildfire -> file-size-limit unexpected heredeviceconfig -> setting -> wildfire -> file-size-limit is invalidTried to change the values at device -> settin...

Hithead by L4 Transporter
  • 12827 Views
  • 10 replies
  • 0 Likes

Configuration Update Descriptions

Hi all, The commit description is potentially really useful for tracking changes and linking back to change tickets, but I can't see where I can display a list of commits with the descriptions, to review what has been done. The configuration log shows individual changes which is good detail, and the config comparison shows the description agai...

djr by L4 Transporter
  • 2931 Views
  • 3 replies
  • 0 Likes

Resolved! Query on QoS

Hello, We would like to configure QoS on PA to give priority to VOIP and video based traffic. The Internet connected to the FW is 100Mbps and the connection between the core switch and PA is 1Gbps. If I make a QoS profile and I want a guaranteed bandwidth of 25Mbps, but what about max bandwidth? What do I set? 100 Mbps?If so, when applying this ...

Farzana by L4 Transporter
  • 2829 Views
  • 3 replies
  • 0 Likes

Panorama Dynamic Update overlap

Given the best-practices for Dynamic updates here, how do i configure this in Panorama and not have the commit warning for deployment schedule overlapping with 5 mins of another? Its always going to be the case where Wildfire checking every minute will overlap with all other schedules at some point in time...I thought Panorama in 7.1 could multi...

Can I use PAN-OS 8.0.0 to Study for the PCNSE 7 exam?

Hi guys, I've been looking at getting a PA VM-50 for training puposes but I have been told that the both VM-50 and PA220 ship with PAN-OS 8 and is not backward compatible with earlier versions of code is this true? Is there any reason I couldn't use PAN-OS 8.0.0 to study for the PCNSE7? Thanks Matt

Restricted access to API?

Hi *, I'd like to know if it's possible to restrict access to the API? (ex: to some IP addresses). Example: if remote management is allowed from 192.168.0.0/24, is it possible to restrict the API usage to 192.168.0.1 by example? Is it an option to dedicate a specific IP address to the answer to API requests? What are the best practices to prev...

XavierMe by L1 Bithead
  • 5456 Views
  • 4 replies
  • 0 Likes

Proxy filtering or paloalto filtering

Hi All, i have proxy in my network which is responsible for all filtering and categorizaing , also i bought a licnese for url filtering on paloalto so, is there any benefit to allow filtering and categoriziang on both ? or no need for filtering on paloalto since i have proxy

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks