This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4250 Views
  • 0 replies
  • 0 Likes

Investigation of possible threats

My company has a PA3050. I am new to this device. It is currently setup to mirror/monitor port on current Cisco firewall. The device is reporting that it is finding suspicous files and various other vulnerabilities. There is concern that this is showing that there is active hacker activity on the network. Is there a way to tell the differen...

phxcpv by L1 Bithead
  • 3620 Views
  • 6 replies
  • 0 Likes

copy production panorama policies to lab panorama

Hello Expert I have Panorama VM and managing 6 LSYS on two different PA firewalls. I would like to export security rules from Panorama and import into another Panorama in my lab for policies testing. What type of configuration I need to export from Panorama and import into new Panorama. Also does configuration export include licenses etc or only...

Resolved! active/passive HA setup with existing production firewall

I have a second PA-500 I need to add to an existing production PA-500 for active/passive HA. I have read the admin guide for HA setup, but it appears to be for two pre-production firewalls. Are there any special precautions I need to take into account so that the post production firewall syncs it's config to the new firewall? The admin guide dos...

Bvance by L2 Linker
  • 5715 Views
  • 3 replies
  • 0 Likes

Feature request - VMware tags part of the monitored attributes of VM sources

Hello, One information that is, in my opinion, severely missing from the data pulled from VMware while using the "VM Information Sources", are VMware tags. (for those not familiar with VMware tags, here is a good presentation on the topic: https://www.youtube.com/watch?v=lQnSzP7kj7E). As accurately reflected in the documentation (https://www.pal...

Resolved! Applications for Internet web browsing?

Hello I am not doing SSL decryption on PA, then all internet web-browsing would be boils down to SSL and web-browsing applications, right? So in security policy if I want to allow internet web browsing then allowing applications SSL and web-browsing would be fine?

Resolved! unknown-tcp and web application

Hello Experts Just want to know, 1- If PA can not identify the web application then it will classify it as SSL/Web-browsing or unknown-tcp?2- unknown-tcp and unkown-udp is only for client/server application? Regards, GR

ghostrider by L4 Transporter
  • 11935 Views
  • 11 replies
  • 0 Likes

Cloud file sharing: Unrestricted downloads but block / throttle uploads

Wondering if anyone has accomplished this? Our company has adopted a policy requiring users that need to share large files to use cloud file sharing provider X. However, since we interact with numerous global vendors, they all obviously have their preference. So, as such, we want to allow downloads from all cloud file sharing apps - but block...

User support on PA devices

Hi All, Can I have an information how many users does PA-4060 PA-3020 PA-500 support for "normal" usage.We have some deployment soon and we need this information. Thank you in advance.Ivan

ibogovic by L0 Member
  • 3376 Views
  • 4 replies
  • 0 Likes

Resolved! Custom Application and TAC

Hello Can I request to TAC to create custom application or I have to do by my self? I found this but I guest it is for public application not for internal.http://researchcenter.paloaltonetworks.com/submit-an-application/

Resolved! Hardening the security rule for service ports

Hello Experts In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I have to manually go. Is there any way I can generate the report for that particular security rule...

Resolved! Configuration Management

Hi,I have a further question:I don't understand the configuration management yet.The option "Revert to last saved configuration", what does that mean?When is a configuration saved? Every time I commit ? Or only manually? Maybe I have done changes on the device and commit them. Then I check that something doesn't work anymore.What can I do?

MPI-AE by L4 Transporter
  • 3353 Views
  • 4 replies
  • 0 Likes

Route check on PA firewall - Longest match not there??

Hello Experts I want to check which route is matching for some host IP like 10.155.7.33, so I can check the outgoing interface and destination zone for policy lookup. When I run the command “show routing route destination 10.155.7.33/32”, it is showing nothing. Although I have matching route 10.115.7.0/24 in the routing table. Kindly help !

Resolved! Captive Portal - Source Untrust

Hi everyone, I have a Web Server and i want login users with a Captive Portal,can I use the CP with Source Untrust to DMZ (where is my Web Server)?its recommended?Thanks a lotMatt.

  • 24360 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks