This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4113 Views
  • 0 replies
  • 0 Likes

OS 7.1 blocking telnet over SSL

We have in-house software that uses secure-telnet port 992 and that has been blocked after the 7.1.4-h2 upgrade. I've created a rule to pass the traffic to the destenation address with any application any service but never help, the logs said reset both by internzone rule, only changing interzone rule to allow will let the application communicat...

Top 5 user behavior report

In the predefined report it has a section called Top 5 user behavior report. What exactly is this telling me about the user/pcs/devices that are listed?

jdprovine by L4 Transporter
  • 2436 Views
  • 3 replies
  • 0 Likes

globalprotec vpn for phones

Is anyone using the globalprotect vpn client for their phones and mobile devices? How do you like it? Can it use the same portal and gateway and the pc's? Was was the cost and how much was it

jdprovine by L4 Transporter
  • 2954 Views
  • 4 replies
  • 0 Likes

Lync Client and GlobalProtect Split tunneling issue

Hi, Mircosoft recommands to enable splitunnling for lync. https://blogs.technet.microsoft.com/nexthop/2011/11/14/enabling-lync-media-to-bypass-a-vpn-tunnel/ To still continue to have the internet over the VPN, how can Globalprotect client only allow specific public ip address to bypass the tunnel? Thank you Kind regards, Pierrick

Resolved! Problems with Skype rule letting traffic through

Hi,I am trying to configure a rule on the PA2050 to allow SKYPE out of the network, and I am seeing a bit of a security hole in the app rule.I have set it up using the document:https://live.paloaltonetworks.com/docs/DOC-1505/controllingskype.pdfI have:From Zone: Trustto Zone: UntrustAddress: <My Workstation>Application: SKYPE, SKYP...

jenkinsp by Not applicable
  • 5298 Views
  • 4 replies
  • 0 Likes

Resolved! False Positive? Network Time Protocol Daemon crypto-NAK Authentication Bypass Vulnerability

Name: Network Time Protocol Daemon crypto-NAK Authentication Bypass VulnerabilityUnique Threat ID: 39734criticalCVE-2015-7871 FIRST RELEASE612 (2016-09-14 UTC)LAST UPDATE612 (2016-09-14 UTC) Anyone else seeing lots of "Threat Alerts" for this signature? Just started seeing these Threat Alerts come in from multiple PA-500's for our orginization ...

Resolved! Dual Factor Authenticatin for Global Protect - possible?

Folks. Does anyone know if it's possible to integrate dual-factor authentication (SecureID or similar) into Global protect authentication? Our business is requiring more and more rigid access control for VPN access (among other things), and I need to look into getting some form of 2FA integrated into our VPN sign on in the short to medium term. ...

darren_g by L4 Transporter
  • 5344 Views
  • 5 replies
  • 0 Likes

Application Usage Report

Which report, and what configuration should I use to get every user/source IP of a user using a specific application? I currently tried "Device Traffic Summary" sorting by "bytes" top 5 grouping by user, but I can only have top 50. So only the "Top 50 users consuming the most bandwidth." If I try ACC and target the application I can get top 50...

Resolved! APP ID question

We created a new rule for tableau application. There is an existing app-id for Tableau which specifies ports 80/443 but when we tried to test we got a deny. Service worked when we added SSL app-id. Question is if Tableau shows ports 80/443 as standard ports then why would we need to add SSL for it to work.

New blockIPS prototype doesn't have URL specified in config

From ETOpen.yml blockIPs: author: Gregory Roehl (paloaltonetworks.com) development_status: STABLE node_type: miner description: > Raw IPs for the firewall block lists. These come from Spam nets identified by Spamhaus (www.spamhaus.org), Top Attackers listed by DShield (www.dshield.org), Abuse.ch. config: source_name: ET.block_ips attributes...

Multicast on pa-7050

We are attempting to configure pim sparse mode via the PA-7050 which is going to be used as a control point for various virtual routers on our juniper mx core. From what I can tell the pim is configured correctly, and the proper rp has been selected. multicast routes appear correct, however the traffic is still being dropped. This is the co...

terrys by L1 Bithead
  • 2270 Views
  • 1 replies
  • 0 Likes

minemeld-engine exits after auto-update to 9.20

from minemeld-engine log jjust after the update 2016-09-09T06:48:49 (20984)launcher.main INFO: mm-run.py arguments: Namespace(config='/opt/minemeld/local/config', multiprocessing=0, verbose=False)Traceback (most recent call last): File "/opt/minemeld/engine/current/bin/mm-run", line 11, in <module> sys.exit(main()) File "/opt/minemeld/e...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks