This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1805 Views
  • 0 replies
  • 0 Likes

Identifying user rules UserID

Hi,

 

We are expecting several issues with user identificatiom. We see connections identifying users but suddently the connections stop identifying. 

 

I attach an screenshot

 

UserID captura.jpg

PA-200 RULES

Good afternoon. I have a PA-200 and would like some help! Where can I create a rule below within Palo Alto. FORWARD -s 10.0.0.0/16 -d 192.168.1.0/24 -j ACCEPT FORWARD -s 192.168.1.0/24 -d 10.0.0.0/16 -j ACCEPT I am new to my company and I do not know...

API for clearing session

Can some one share some light on creating some API to do below steps:

 

1) identify an application or port ( for ex: 5555 or backup app) when this traffic apprears on one egress interface , need to clear the sesion for this specified traffic.

 

( situati

...

Number of session

Hi,

Palo alto suddenly stops client going internet .

resolving dns stops  ( dns forwarder  just giving timeout instead of  the dns query result ) .

Does it mean maximum  number of session has saturated? 

How can we know maximum number of session reached

...

sib2017 by L4 Transporter
  • 2886 Views
  • 5 replies
  • 0 Likes

Wildfire SMTP - Malicious objects not blocked

Hi,

 

We recently had our FW setup by an external security company.

 

Yesterday we had a malicious email attack which got past our email scanning service. Although Wildfire identified the attachments as malicious, they were sent on to the recipients (aro

...

Capture3.PNG
Kuiper by L1 Bithead
  • 4072 Views
  • 5 replies
  • 0 Likes

Resolved! Security Policy for IPSec traffic

Hello,

 

We are setting up Site-to-Site IPSec VPN between PA and Cisco router. The examples provided on PA websites do not suggest any security policy for this. When we use a security policy for 'Outside-Untrust' to 'Outside-Untrust' to allow traffic b

...

Farzana by L4 Transporter
  • 2552 Views
  • 1 replies
  • 0 Likes

scan-host sweep

Hi,

Under threat detection, scan host sweep  droped some traffic. And under the rules it did not show anything .

What does it mean

Thanks

sib2017 by L4 Transporter
  • 9673 Views
  • 7 replies
  • 0 Likes

Telegram website is not accessible

Hi,

 

I've one client that cannot access https://telegram.org but he can access all other https website.

 

We tried to use a security rule with one source address and any any allow but still the same.

 

In the traffic monitor we can observe the session end

...

PA telegramTraffic log.png
PA telegramTraffic log2.png

Resolved! spoof

Hi,

How palo alto blocks if ip address is spoofed .
Why does it not work in vwire mode
Thanks

sib2017 by L4 Transporter
  • 3745 Views
  • 1 replies
  • 0 Likes

Link Aggregation Query

We have PA 500 which links to 100 Mbps throughput as mentioned by datasheet.

If we do link aggregation would it be possible for us to increase that ?

 

Thanks in advance.

Resolved! Site to Site VPN with error Failed SA

Hi,

 

We have configured a site to site vpn between palo alto and cisco ASA. However, both sites are static and PA is the intiator, ACL is configured properly on Cisco side but I got the error:

 

"IKE Phase-2 negotiation is failed as initiator, quick mod

...

  • 24241 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks