General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 106 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 806 Views
  • 0 replies
  • 0 Likes

set up TCP ports timeout

Hello Community,

 

I need to know if it is possible?

 

 change the timeout for the following TCP ports to 4 hours (14400 seconds)

TCP 1521
TCP 2101
TCP 1601-1630
TCP 2101
TCP 18400-18430

 

Best Regards

Andres Padilla

Apadilla by L3 Networker
  • 2614 Views
  • 3 replies
  • 0 Likes

Dynamic virtual routers

Can interfaces be assigned to two different virtual routers so that for example if a particular static route stops working it will "dymanically failover" to the other virtual router which has another static route for the interface?

 

 

Sorry I'm pretty

...

PPoE with Static IP Block

Need to set up a small office with a PA-200 using PPoE. Simple enough...but the ISP has allocated a /29 static block (5 usable IP addresses). We currently have a few 1to1 NATs in place for an SMTP relay and web server so being able to use the entire

...

Identifying user rules UserID

Hi,

 

We are expecting several issues with user identificatiom. We see connections identifying users but suddently the connections stop identifying. 

 

I attach an screenshot

 

UserID captura.jpg

PA-200 RULES

Good afternoon. I have a PA-200 and would like some help! Where can I create a rule below within Palo Alto. FORWARD -s 10.0.0.0/16 -d 192.168.1.0/24 -j ACCEPT FORWARD -s 192.168.1.0/24 -d 10.0.0.0/16 -j ACCEPT I am new to my company and I do not know...

API for clearing session

Can some one share some light on creating some API to do below steps:

 

1) identify an application or port ( for ex: 5555 or backup app) when this traffic apprears on one egress interface , need to clear the sesion for this specified traffic.

 

( situati

...

Number of session

Hi,

Palo alto suddenly stops client going internet .

resolving dns stops  ( dns forwarder  just giving timeout instead of  the dns query result ) .

Does it mean maximum  number of session has saturated? 

How can we know maximum number of session reached

...

sib2017 by L4 Transporter
  • 2647 Views
  • 5 replies
  • 0 Likes

Wildfire SMTP - Malicious objects not blocked

Hi,

 

We recently had our FW setup by an external security company.

 

Yesterday we had a malicious email attack which got past our email scanning service. Although Wildfire identified the attachments as malicious, they were sent on to the recipients (aro

...

Capture3.PNG
Kuiper by L1 Bithead
  • 3649 Views
  • 5 replies
  • 0 Likes

Resolved! Security Policy for IPSec traffic

Hello,

 

We are setting up Site-to-Site IPSec VPN between PA and Cisco router. The examples provided on PA websites do not suggest any security policy for this. When we use a security policy for 'Outside-Untrust' to 'Outside-Untrust' to allow traffic b

...

Farzana by L4 Transporter
  • 2356 Views
  • 1 replies
  • 0 Likes

scan-host sweep

Hi,

Under threat detection, scan host sweep  droped some traffic. And under the rules it did not show anything .

What does it mean

Thanks

sib2017 by L4 Transporter
  • 9170 Views
  • 7 replies
  • 0 Likes

Telegram website is not accessible

Hi,

 

I've one client that cannot access https://telegram.org but he can access all other https website.

 

We tried to use a security rule with one source address and any any allow but still the same.

 

In the traffic monitor we can observe the session end

...

PA telegramTraffic log.png
PA telegramTraffic log2.png
  • 23997 Posts
  • 115 Subscriptions
Top Liked Authors
Labels