This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

DNS traffic identified as sophos-live-protection

Some DNS traffic is classified as sophos-live-protection in our traffic logs. Has anyone else seen this? I only have logs 5 days back in time, so I cannot say when this started but it wasn't with the latest apps update. Our firewall is PA-5050 running PAN-OS 6.1.14.

Globalprotect client

I want to do some testing on new global protect clients but I don't want to make it update anyone tell I can test it, How do I get the software to test with out making it the default cleint on the firewall?

jdprovine by L4 Transporter
  • 10365 Views
  • 25 replies
  • 0 Likes

Security policy: exception question

Hi, I'm trying to create a security policy that would block all critical traffic from source zone "A", to destination zone "B". However, I want to allow traffic from a specific IP in zone "A". How can I make an exception to allow that IP? I assume I could create a policy to allow that IP and then one below it block traffic from that zone but I w...

Resolved! message security over http

How does PA handle message security over http ?Whereas https secures the communication, message security secures the content. I would expect PA does not touch http content. But we are having issues with an application that connects to a partners server. Application throws this error, I guess it's a pretty default .net error:An error occurred whi...

dieter_b by L4 Transporter
  • 11467 Views
  • 16 replies
  • 0 Likes

Resolved! Replace ASA5505 with PA200 Teleworker

I have a remote user that's setup with an ASA5505 configured for teleworker. They move around and don't always have a static IP address at their locations. It's configured to call home to my ASA5540s and create the tunnel.My question is if the PA200 has this capability to do the same back to my PA5050?

JeffDBO by L1 Bithead
  • 3697 Views
  • 4 replies
  • 0 Likes

Resolved! AutoFocus Miner Thought

Getting the minemeld engine up running the AutoFocus/TAXII redesign today, one thing I noticed while trying to create better and more targeted AutoFocus miners is that I cant create a list that maintains a specific “age” Where many lists will allow an operator to call out the last 7 days or last 60 days of events, or being no older than that, ...

hallerr by L2 Linker
  • 5785 Views
  • 3 replies
  • 0 Likes

Resolved! POP3, SMTP and IMAP setup

Hello, Our POP3, SMTP and IMAP is currently set to Default (Alert) in the AV profile. We have noticed malicious emails coming through and identified via Wildfire for staff using personal email addresses/computers using POP3 protocols? These personal computers are allowed on some of our remote sites. Should POP3/SMTP and IMAP be set to Drop-reset...

Antivirus.png
Farzana by L4 Transporter
  • 10576 Views
  • 4 replies
  • 0 Likes

Custom App-ID vs "Unknown-UDP"

If I create a custom app-id for an application we use, will it no longer match the "unknown-udp" (which we block)? Or do I need to do an application override as well?

Global Protect on MAC - How to Clear Cookie?

I'm running Global Protect on my Macbook. I have the gateway configured to accept cookie and set to 24 hours.For troubleshooting purposes I'm trying to figure out how to clear my cookie on my Macbook so it does not automatically connect.

craigkp by L0 Member
  • 5159 Views
  • 1 replies
  • 0 Likes

SKYPE

Why would a rule with app-id of skype show up in logs as ms-lync when Lync is not part of rule

Resolved! A little help with Subinterfaces and intraVLAN routing

I have a PA-3020 with fairly typcial config with a L3 untrusted interface and several trusted sub interfaces. I have a couple questions. Prior to this, I was doing my intravlan routing on my core HP2920 switch. My 192.168.123.0/24 network is the native vlan 1 which I understand to be always untagged. The .123 is my "original" network before I ou...

firefox_2017-03-22_06-35-32.png
Raland by L1 Bithead
  • 5336 Views
  • 4 replies
  • 0 Likes

User-ID agent upgrade consideration

Hello, I have two Palo Alto Firewalls, each running different software version, 7.1.5 and 7.0.7.Both firewalls connected to the same User-ID agent server. The User-ID agent version is 7.0.5-3 I am planning to upgrade one of the firewall from 7.1.5 to 8.0.1.Can I keep the User-ID agent 7.0.5.-3 or should I upgrade the User-ID Agent version to 8.0...

qafcopa by L1 Bithead
  • 3604 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect Agent captive portal Graceperiod timeout

Hello, When the Enforce GlobalProtect Connection for Network Access feature is enabled, we can define a Gaceperiod to allow users to temporary connect through a captive portal ( hotel proxy...) Maximum timeout, i can see is 3600 seconds (1 hour)... Which mean that users have 1 hour to connect through the proxy after which the Network Access will...

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks