This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4141 Views
  • 0 replies
  • 0 Likes

Policies / application question

Just trying to understand PAN and policies better. If we want to allow all web-browsing, what can we do? As soon as the application is identified, we will need a policy for this specific application (for example Google base). Otherwise we will hit an interzone default deny (if between zones). I can allow port 80 and 443 as services, but this wil...

mathiasj by L1 Bithead
  • 2107 Views
  • 2 replies
  • 0 Likes

globalprotect key

When I install the globalprotect client on a pc I never have to enter a key, how and when does the key get passed

jdprovine by L4 Transporter
  • 9581 Views
  • 23 replies
  • 0 Likes

Generate Traffic Report on PA Firewall 7 Months Ago?

Hi All,Tried generating traffic report from month of May. But, Under Manage Custom Reports > Run now "Result was No Matching Records" Report Setting are: Database: Traffic LogTime Frame: May1-31Sortby: Top 500Group by: 25 GroupsSelected Columns: Destination zOne Do you think we can still see those logs?For PA Admin. How long would our PA devi...

Resolved! ssl sever certificat can't be verified

Hello I encountered a strange situationI tried numerous time to connect a global protect agent in version 2.1.x on windows 8 and with a mac tooand I obtain a message can't verified the server certificatI tried to connect with the FQDN specified in the certificate server, and I installed manually the root CA and the intermediate ca in the correct...

Gregoux by L4 Transporter
  • 5423 Views
  • 5 replies
  • 0 Likes

It does not update

Hi, Pa-500 show "app mistach" . They have 6.1.0 version and are configured in active-passive mode. They shows in interface web "App version" and "Threat version" Mismatch. If I make a ping to updates.paloaltonetworks.com from devices, my computer and "web ping online" and the this test fails. Is it normal? In system/logs, it shows connection to...

Screenshot_18.png
Screenshot_19.png
Screenshot_20.png
Screenshot_21.png

List Office 365 using MineMeld does not work

Hi, I have installed Minemild and I applied article and create dbl for Offcie365: https://live.paloaltonetworks.com/t5/MineMeld-Articles/How-to-Safely-Enable-access-to-Office-365-using-MineMeld/ta-p/120280 I have cretate 2 rules for Office 365 to test if feed sources Office 365 works. I have a rule to match with feed list office 365 servers and ...

Screenshot_11.png
Screenshot_14.png
Screenshot_13.png
Screenshot_12.png

Deploying Self Signed Certificate to Firefox

For those that have implemented SSL Decryption in your environment, I'd love to hear your experiences on how you deployed the certificate to Firefox users. There seem to be different methods mentioned, but not certain how reliable they are. Thanks!

mdyragos by L1 Bithead
  • 3841 Views
  • 3 replies
  • 0 Likes

Mac MS RDP Cannot Connect to Win7 while GlobalProtect Agent is Connected

Using MS Remote Desktop (RDP) on MacBook to connect to a Win7 work station. When GlobalProtect agent (GP) is connected on Win7, an RDP connection cannot be made. Disconnect GP on Win7 and the RDP can connect. However, attempt to connect GP on Win7 after RDP has connected, and the RDP gets disconnected. Ideas? Version information:MacBook running ...

Resolved! Routing Table BGP

I presume that there is not way if I have a box that only has a max acceptance route of 2500 only way to adjust this value is to repalce box? No software updates can acheive this ?

Resolved! Feature Request

Am I the only one that is wondering why a "Feature Request" should be submitted to a reseller? Why not have a central site that is searchable so that you are not duplicating something already submitted or a sticky page that has feature requests that you can chime in on and say "Yeah, that sounds like something I'd like to see" or some variation ...

twilson by Not applicable
  • 9685 Views
  • 8 replies
  • 5 Likes

Security Policy question setting application and services

Hello, in the security policy that is setup. Is it best to set the application and services the same?So this will help keep that security policy safe from outside device try to see what other application can be use on that security policy. example would be a nmap script using get commands with additionals handshakes in the script, so the logging...

Resolved! Set Interface to default settings

Hi everybody I got a pair of PA-3020. Some time ago I configured several interfaces to layer2 type and now they are not in use anymore. Is it possible to set them to default config, I mean with NO inteface type? I As you can see in the photo, ethernet 1/11 is (was) a Layer2 interface and I want to set it without any type, liker ether1/12 Is it ...

interfaces.png
SOC_CSG by L4 Transporter
  • 2810 Views
  • 2 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks