This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Firewall bypass due to Java/Python FTP Injections

Hi. Reading the article below on firewall bypass I was wondering if Palo Alto Networks by default blocks active FTP connections. http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html That would mitigate the threat. Anyone an idea?

quizizz.com mobile website will not display pictures - app-id blocked as snapchat

We have teachers trying to use the website quizizz.com and the kids can't view the pictures on their phones, the questions come through but not the images. The desktop version works fine. When I check the firewall logs, it shows an app-id block for snapchat. I am not using snapchat on any of the test devices. Has anyone else had this issue w...

pko by L1 Bithead
  • 3137 Views
  • 1 replies
  • 0 Likes

Configuring multiple OSPF areas with a single L3 interface

I am trying to redistribute EIGRP routes from two AS numbers into OSPF so that my PA can learn the proper routes to the rest of the network, but I am running into a stumbling block since I only have one L3 interface connected to my internal network and the PA firewall will only allow a single OSPF area per interface. The PA is at a remote, unma...

breedend by L1 Bithead
  • 4585 Views
  • 2 replies
  • 0 Likes

BGP routing question.

I have multiple sites (50+ tunnels) doing ebgp with palo alto(VM-100). So PA is learning smaller subnets from all sites which are known to each other by bgp.Additionally connected aws doing ebgp which is all good. But number of bgp routes advertised to aws goes above 100 bgp drops( aws can’t accept more than 100 routes).aws can’t accept default ...

Skype, teamviewer and file transfers

Hello community,I know that this topic was discussed many times, but the issue is still relevant.Is there any possibilties to block only file transfers in applications like Skype or Teamviewer?APP-ID don't have these specific subapps and file blocking profiles is useless for this task.How are you fulfilling this task?

abort a commit

My Pa shows that a commit is waiting to be done and I don't want the changes to occur can it be aborted? I know I can cancell a commit but if I don't want to commit a change but I don't want it to stay in a state of needing to be commited what are my choices.

jdprovine by L4 Transporter
  • 3687 Views
  • 3 replies
  • 0 Likes

PA QoS

Hello Can anyone point me to some docs / urls on how to setup QoS on PA 3000 serise appliance. I would like to "choke" traffic from one specefic subnet transversing the PA

RC-BHF by L2 Linker
  • 1899 Views
  • 1 replies
  • 0 Likes

Resolved! Our Mailgateway is alway blocked

Hi in your database our mailhost inet.schneider-pc.ch is always note as containing Malware..we can remove but about 1 day later it again on the list.. inet.schneider-pc.ch has no webservices only Mail.. Our daily mailflow is about 9000 Mails(we have about 150 business-mail-customers) We have the problem that our customers hasmailtraffic with cus...

it64.ch by L1 Bithead
  • 4681 Views
  • 8 replies
  • 0 Likes

PA200 8.0.0 updated Global protect guide

Hi Iam a proud owner of a pa-200 - updated to 8.0.0 and i was wondering if there is a updated step by step guide to configure GlobalProtect with a dynamic ISP provider (unstable ip) possible to use a loopback interface ? and Certificate.

http-video and http-audio getting blocked with decryption enabled

After enabling decryption recently we started to have a few issues with applications being identified incorrectly.A few common examples of this are sap, http-video and http-audio These end up being blocked with "application default" for the service, this appears to be because in some instances sites use https anyway and once these apps are decry...

tezza by L2 Linker
  • 12987 Views
  • 5 replies
  • 0 Likes

Custom SaaS report possible

Hi I just wanted to say that i love the SaaS report, and its a good way to look at whats been going on. I was wondering if there is a way to make this a little less techincal and customize it more so i can present it in a meeting with people that does not have the same technical or same awerness. Or is there a way to make the Custom report look...

Resolved! Replace 'srcloc' for RFC1918 IPs?

We are using the 'srcloc' field in our logs, and it's pretty handy for Out-->In traffic. But for In-->Out traffic, we get the "10.0.0.0-10.255.255.255' value. This is MUCH too large and a lot less useful. Is there a way to edit the table so that we use a custom code for RFC1918 addresses instead?

ptrivino by L0 Member
  • 2797 Views
  • 2 replies
  • 0 Likes

PAN OS 8 Could not connect to Cloud : SSL/TLS Authentication Failed

After an upgrade to PAN OS 8 i keep getting this critical event and i've seen it on multiple firewalls. domain: 1receive_time: 2017/02/27 10:20:46serial: xxxxxxxxxxseqno: 3449381actionflags: 0x0type: SYSTEMsubtype: generalconfig_ver: 0time_generated: 2017/02/27 10:20:46dg_hier_level_1: 0dg_hier_level_2: 0dg_hier_level_3: 0dg_hier_level_4: 0vsys...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks