This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

PPoE with Static IP Block

Need to set up a small office with a PA-200 using PPoE. Simple enough...but the ISP has allocated a /29 static block (5 usable IP addresses). We currently have a few 1to1 NATs in place for an SMTP relay and web server so being able to use the entire 5 IP block is necessary. All of the instructions and tutorials pretty clearly use a single IP in ...

PA-200 RULES

Good afternoon. I have a PA-200 and would like some help! Where can I create a rule below within Palo Alto. FORWARD -s 10.0.0.0/16 -d 192.168.1.0/24 -j ACCEPT FORWARD -s 192.168.1.0/24 -d 10.0.0.0/16 -j ACCEPT I am new to my company and I do not know Palo Alto

API for clearing session

Can some one share some light on creating some API to do below steps: 1) identify an application or port ( for ex: 5555 or backup app) when this traffic apprears on one egress interface , need to clear the sesion for this specified traffic. ( situation: we use PBF for soem traffic to choose one path and when that line down , this traffic takes n...

Number of session

Hi,Palo alto suddenly stops client going internet .resolving dns stops ( dns forwarder just giving timeout instead of the dns query result ) .Does it mean maximum number of session has saturated? How can we know maximum number of session reached .Where do we begin to troubleshoot Thanks

sib2017 by L4 Transporter
  • 3201 Views
  • 5 replies
  • 0 Likes

Wildfire SMTP - Malicious objects not blocked

Hi, We recently had our FW setup by an external security company. Yesterday we had a malicious email attack which got past our email scanning service. Although Wildfire identified the attachments as malicious, they were sent on to the recipients (around 500). Luckily our AV's heuristics blocked the execution of the powershell script on most clie...

Capture3.PNG
Kuiper by L1 Bithead
  • 4588 Views
  • 5 replies
  • 0 Likes

Resolved! Nest a External Dynamic List (type=URL) in a Custom URL Category

Is it possible to nest a External Dynamic List (type=URL) in a Custom URL Category or to nest Custom Categories?Example:Custom URL Category = "Allow List"External Dynamic List (type=URL) = "Immediate Allow List" on external server (http://10.11.30.4/url/immediate.txt)Example Result:Allow List (Custom URL Category)anydomain.com*.anydomain.comNext...

Resolved! Security Policy for IPSec traffic

Hello, We are setting up Site-to-Site IPSec VPN between PA and Cisco router. The examples provided on PA websites do not suggest any security policy for this. When we use a security policy for 'Outside-Untrust' to 'Outside-Untrust' to allow traffic between IPsec tunnel end points, we can see traffic matching this policy. Do we need an intrazone ...

Farzana by L4 Transporter
  • 2842 Views
  • 1 replies
  • 0 Likes

scan-host sweep

Hi,Under threat detection, scan host sweep droped some traffic. And under the rules it did not show anything .What does it meanThanks

sib2017 by L4 Transporter
  • 10353 Views
  • 7 replies
  • 0 Likes

Telegram website is not accessible

Hi, I've one client that cannot access https://telegram.org but he can access all other https website. We tried to use a security rule with one source address and any any allow but still the same. In the traffic monitor we can observe the session end reason is aged-out. We are not using any ssl decryption rule. Regards,Sharief

PA telegramTraffic log.png
PA telegramTraffic log2.png

Resolved! How Many public IP be required to setup full HA Active-Active Mode With two Palo Alto NGFW 3020?

Hello Geeks, I would like to ask for your kind support on my issues of 'How Many WAN IP will be required to setup full HA Active-Active failover mode with two Palo Alto NGFW 3020?' First of all, I would like to appologize you all if my question may make your mind complex. We already bought NGFW 3020 firewalls (Two) to upgrade our organization ne...

Wayne88 by L1 Bithead
  • 4139 Views
  • 1 replies
  • 0 Likes

Resolved! spoof

Hi,How palo alto blocks if ip address is spoofed .Why does it not work in vwire modeThanks

sib2017 by L4 Transporter
  • 3932 Views
  • 1 replies
  • 0 Likes

Link Aggregation Query

We have PA 500 which links to 100 Mbps throughput as mentioned by datasheet.If we do link aggregation would it be possible for us to increase that ? Thanks in advance.

  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks