This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Rule too allow access to group of URLs?

PANOS 7.0.4 and I'm struggling to do something that feels basic 🙂 I need to allow anything on the LAN access to *.sophos.com *.sophosupd.com*.sophosupd.net*.sophosxl.netocsp2.globalsign.comcrl.globalsign.comas per https://community.sophos.com/kb/en-us/121936 Right now we use captive portal but of course machines might try to update when nobody ...

Regex

Is there any specific regex pattern for Palo Alto ?i am trying to create a Regex that matches SSN but it doesnt seem to like it.It either errors out as it should be 7 bytes long or it is invalid.

Resolved! Order of different NAT

Hello Experts I am just wondering, what is the order of different NAT on same packet. Lets say I want to do destination NAT and source NAT for the same packet. What NAT will happen first destination NAT or source NAT?

Resolved! Destination NAT or Static NAT

Hello If I configured static NAT and destination NAT for one public service to be accessible from Internet. What type of NAT rule will be utilized by PA, I mean static NAT or destination NAT or it soley depends upon the order of rules?

Resolved! Proxy ID in SA?

Hello Experts I have site to site VPN between HQ PA and branch PA. I used the proxy id on HQ as Local: 172.16.110.0/24 remote: 10.10.10.0/24 and everything is working. Now brach office need to access another subnet in HQ that is 172.16.111.0/24. In this case I have to create one more proxy id on both side or just allowing this new subnet in appr...

Resolved! Can't do a commit ! Auto-commit failing

HiHave got a Pa-3020 Demo box to use for a POC, but I cant commit anything as "commit operation aborted as auto-commit not done yet"In the Task view several auto-commit antries are failed.Any one has any suggestions ?? Best Regards Jens W

TestASite issues - not a valid URL

I have been having issues lately with many URLs I manually submit to the test a site page. I am receiving a message that the URL is not valid when it is 100% valid. Anyone else having this issue?

Resolved! Differences between stdlib.feedHCGreen and stdlib.taxiiDataFeed output miners

Hi, I have each of my processors set up to send to two different output miners - one for the firewalls to ingest (stdlib.feedHCGreen) and one for my SIEM to ingest (stdlib.taxiiDataFeed). I'm seeing differences between what is ending up in my SIEM and what is on the list for the firewalls. I believe feedHCGreen outputs are correct while TAXII ...

feeds1.png
feeds2.png

How to approve that PaloAlto is sending Netflow

Hi, Please I need Help !! I have installed Netflow integrator to collect netflow data from PaloAlto firewall.I have configured PaloAlto to send netflow data to the server Netflow Integrator.But there is no data is receiving .How can I know that paloalto is sending netflow.Is there a solution that help me to verify ?Thanks in advance. Best Regards.

Nessrina by L0 Member
  • 2283 Views
  • 1 replies
  • 0 Likes

Error Checking Credentials - Bad Request

We are no longer able to log into the Web GUI after upgrading from v0.9.16 to v0.9.24, it shows the error "Error Checking Credentials - Bad Request" - the username and password are a copy and paste from before so the credentials are correct - default username and password do not work neither - a reboot didn't help - all services are running ...

Resolved! How to properly disable 3DES encryption algorithm?

We are currently being required to disable 3DES in order to pass PCI compliance (due to the Sweet32 exploit). We have a decryption profile for all incoming traffic hitting our firewall and services behind it, where I have tried disabling 3DES.However, the firewall will still accept 3DES after doing a commit. When opening the decryption profile a...

3DES.png
arvesynd by L3 Networker
  • 16542 Views
  • 6 replies
  • 0 Likes

App-ID with encrypted sharepoint app

Hello Experts Just want to ask something, If I am running sharepoint application on https like https://myintranet then firewall will classify this application into what? Just SSL or sharepoint as well

Resolved! Service port to application help

Hello Experts We migrated Juniper netscreen firewall to PA. I am just struggling to make application based policies. User just send the ports to make security policies. Like: 1- Allow port tcp 1549 on mysql db2- Allow https://ebs:8000 How I can handle this to put application only? Kindly help me with best practice with PA Regards, GR

Active Directory Application

Hello I create the security policy to allow users to logon to domain by simply selecting the activedirectory application but it is not working? Should I need to allow additional applications ?

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks