General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

gamenet.ru false-positive

Hello, I represent GameNet technical support service (www.gamenet.ru). We designed an application, QGNA, for our customers (over 10 000 000 people) for game launch. Direct link for test on VirusTotal: https://www.virustotal.com/ru/file/6f6f19e994c1c7049ce4b3db06f6ab93aaa353557b68e2232f2178e97f4968bd/analysis/1488899966/ Waiting for your respons...

Resolved! Monitor subinterfaces and get NetFlow statistics

Hi, We have a PA-5020 and configured a few AGG interfaces with subinterface; recently, we installed a SolarWinds NTA to get NetFlow statistics, but I am not able to get anything from this device. I have created a profile and applied to the subinterface through which the Internet traffic goes, but it does not send any information to the NetFlow col...

MMCiobanu by L3 Networker
  • 16171 Views
  • 20 replies
  • 0 Likes

Resolved! blocking apps on non-default ports

Hi, Sadly don't have PA to play around at the moment, so have to pass this question for all you out there as I'm sure I cannot be first one with such an idea. What is the best way to block apps on their non-default ports? Basically, allow apps ONLY on their application-default ports. My first thought was like: Rule1 - src: trust, dst: untrust, app...

nikoo by L3 Networker
  • 4705 Views
  • 4 replies
  • 0 Likes

Resolved! Can I enforce security based in AD Computer groups yet?

I see history here indicating the user-id agent has been blind to computer names when the group membership is added to user IDs. The CLI DOES show the computer name as a userID (with a post-pended $) and the groups are mapped correctly to the computer group I created and dumped the computer in. On the other hand the USER signed into that comput...

JWileyR by L1 Bithead
  • 4579 Views
  • 3 replies
  • 0 Likes

Anti-spyware Profile Rule category explanation

Does anyone have some document that explains the different categories in Anti-Spyware profiles? They're kind of self-explanatory, but does anyone have a document similar to the URL category explanation? Thanks

gtomte by L3 Networker
  • 4588 Views
  • 4 replies
  • 1 Likes

Resolved! FTP Protocol Injection Bypass Palo Alto Firewall

Hi, About the news on SMTP over XXE attacks against Linux-based firewalls - link (https://www.bleepingcomputer.com/news/security/java-and-python-contain-security-flaws-that-allow-attackers-to-bypass-firewalls/). How can we create a custom signature or disable classic mode FTP in PANOS to protect from this vulnerability? Thank you.

Resolved! User-ID. Is WMI really needed?

Hi all, I have an end-customer who is using ServerMonitoring and User-Id agent at the same time. His AD has been audited by Microsoft and discovered that their performance is affected by the WMI probing. My question is: if they remove all ServerMonitoring and keep only the User-Id Agent, do they need the WMI configuration in both Firewall and ...

SOC_CSG by L4 Transporter
  • 5582 Views
  • 4 replies
  • 1 Likes

Resolved! HA scenario questions?

Hi folks, I am learning (self training at this point) about my company's two Palo Alto 3020 devices in our datacenter. We are currently only using one device for our routing, firewall, etc. I am tasked with eventually configuring the second one as HA and the switches below it as redundant. As I continue in the self-paced learning, I put to...

OMatlock by L4 Transporter
  • 4869 Views
  • 3 replies
  • 0 Likes

NAT question for stretched external IP and different internal IP

The setup is 2 data centers with 2 sets of PANs (5060). An AS is stretched between the 2 data centers, /24 primary in each data center, so if one ISP fails the /24 block will enter the other data center. Normally for just internet failures the internal IP is preserved. When a data center outage occurs, internal IPs are changed. How do you configure NA...

takhtar by L0 Member
  • 2493 Views
  • 3 replies
  • 0 Likes

New Miner Support

One of my customers wants to see new Miners for these feeds below. Is there anything planned? If so, what is the timeframe? Thanks! 1) Crowdstrike 2) CCIRC - I can see one for Australia named AusCERT. Anything for Canada? 3) R-CISC – Retail Industry LG

Youtube streaming not blocking

We want to block YouTube streaming via Palo Alto. We created the Custom URL Category "testing" and entered the site "*.youtube.com" (with quotation). We selected the testing category in the Decryption profile with Action "Decrypt" and Type SSL Forwarding. We created the security policy src:any, destination:any and deny youtube-base. But still we can vie...

Resolved! O365: No Indicators, Miner not working

Hi, we use Minemeld for grabbing the Microsoft Office 365 IPs and URLs. It runs on a VMWare Server, built with the "Full" .ova with Ubuntu & Minemeld. The installation works fine. After importing the config "office365-config.yml" no indicators are shown. I tried to import every single Miner with saving and restarting the engine. Thi...

Resolved! Single IP List

Just getting started with Minemeld - I noticed that even if a single IP feed is provided (e.g. compromised IP list), the inboundfeedmc list still shows as an IP range, e.g. 1.179.202.22-1.179.202.22. Is it possible to get just a list of single IP addresses instead of an IP range?

calamari by L1 Bithead
  • 5873 Views
  • 5 replies
  • 0 Likes