General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! How to generate SNMP Trap from CLI/GUI?

Hello, I'm on 7.1.7 PANOS and I need to generate traps for testing purposes. I didn't find such a CLI command in the manual. Please advise me how to generate them from the CLI or, if it's not possible, how to make a workaround (i.e. using a trap on a virus condition or so). With regards, SLawek

_slv_ by L4 Transporter
  • 10392 Views
  • 2 replies
  • 0 Likes

Resolved! Exfiltration detection?

Has anyone set up a PAN alert for egress bandwidth utilization? For example: If any internal host transfers more than (x) GB in (y) Minutes to the Internet - throw an alert.

Can not access to Web Admin GUI on Active Device Paloalto, can access to Standby device in HA System

Hi All, I have met a problem with access to my Active PAN device by Web Admin GUI. I can access it by SSH console and I can access the Standby device in the HA system. My device: PAN 3020, OS Version 6.1.4. Has anyone met the same problem? Please share the solutions. Error logs---------------------2017-03-21 11:04:21.009 +0700 Error: pan_authd_user_is_l...

Problem wildfire submission logs missed sender/recipient address

Hi all, I have this little issue: I have Panorama with a PA 5050 cluster firewall 7.1.5 with a WildFire licence. I have a rule to control SMTP traffic with a WildFire profile. In WildFire I have disabled the benign response and in the configuration I have selected this: The problem is that I don't see anymore, after a malicious response, the recipient/s...


Unused rules

I know it is possible to get unused rules since last reboot, but it is obvious the data is in Panorama. Is there no way to get a list of rules not used since a specified date? https://live.paloaltonetworks.com/t5/Learning-Articles/How-to-Identify-Unused-Policies-on-a-Palo-Alto-Networks-Device/ta-p/53202

SSaady by L0 Member
  • 4783 Views
  • 4 replies
  • 1 Likes

Resolved! Cannot ping connected adsl modem.

Hi all, I've connected an ADSL modem to our 3020 to redirect some clients to, and configured the interface as a DHCP client. The port successfully gets an IP address from the modem, but I cannot ping the modem interface from the firewall's CLI. I might be missing a simple step, but I'm fairly new with PA. Any help appreciated, thank you

Oseberg by L1 Bithead
  • 9449 Views
  • 8 replies
  • 0 Likes

Resolved! Line Messenger APP

Hi All, do we have an application for Line Messenger: https://line.me/en/ ? Cannot see it in the Palo database. Thx, Myky

How to block TCP22 connections

Hi everybody, I'd like to know if there is a way to block incoming connection attempts to port TCP 22. I have an end-customer which has lots of connections to his public IP range 0.0.0.0/24 to port TCP22 but they do not hit the vulnerability 40015 (SSH User Authentication Brute-force Attempt) because it never triggers the child signature 31914 (SSH2 Login ...

SOC_CSG by L4 Transporter
  • 4123 Views
  • 4 replies
  • 0 Likes

What exactly is tcp-reuse and does it send session closure traffic to the client and server?

Hey hey, we have some problem with old systems that are being stuck after some time they are working, and in the logs we see the session end reason is "tcp-reuse". My questions are: 1) What should be happening on the network flow for this end-reason log to appear? 2) Will the FW generate some traffic to the client and server to "close" their existing conne...

minow by L4 Transporter
  • 25657 Views
  • 1 replies
  • 0 Likes

Resolved! How to submit a CSR to Microsoft CA?

Hello folks! I have seen a few articles and documentation for generating CSR and submitting to Microsoft CA for subordinates. What about just a root stand alone enterprise Microsoft CA? I am preparing to configure a Global Protect portal, generated/exported my CSR, pasted into the Microsoft CA interface, but unclear of what option settings to s...

OMatlock by L4 Transporter
  • 2402 Views
  • 1 replies
  • 0 Likes

Research paper shows vulnerabilities with SSL interception

In Feb 2017, some universities, Mozilla, Cloudflare, and Google released this paper on corporate and desktop HTTPS interception. First they figured out how to identify when someone connects to a web server through an SSL interception appliance. Then they found that most corporate "man-in-the-middle" appliances expose security vulnerabilities. B...

Maxstr by L3 Networker
  • 4669 Views
  • 5 replies
  • 0 Likes

CLI debug pcap verbosity levels

I've been using the CLI debug pcap captures for a number of issues recently but was frustrated in the last one by a lack of detail. In this case I was capturing OSPF (debug routing pcap ospf on). When I viewed the capture it looked more like a summary of the hello messages without the contents. Is there a generic way to turn up the level of infor...

JWileyR by L1 Bithead
  • 2925 Views
  • 1 replies
  • 0 Likes

Resolved! IPS best practise

Hello all, I configured my security profiles with default settings. Is there any reference for best practice for IPS and WildFire?

Miner Data Priorities

Is there a way to have MineMeld prioritize miner data once they get to the output stage? Since some output feeds may be too large for certain firewalls, I want to ensure that our static blacklist is always at the top of the list. Currently new additions that don't overlap space with other miner data seem to show up at the bottom of the list caus...

groehl by L0 Member
  • 2971 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions