This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Custom url feeds

Is there any sort of documentation surrounding things like adding a custom url in? I'm thinking I'll have to dig into the file system but was wondering if there is anything documented as to what to do. Say I have an ip list at http://somefancywebsite.com/directory/badiplist.txt I wanted to throw into the mix here. Is there an easy way to do th...

chirss by L3 Networker
  • 5716 Views
  • 3 replies
  • 0 Likes

Misidentification on App-ID

Has anyone experience the App-ID misidentify existing Apps? Here is the problem we are having. I have rules allow SMTP (Application-Default) from the Mail Firewall to Exchange. Since yesterday (9/21), the firewall is identifing all the SMTP traffic as Unknown-TCP (25) and drop the traffic. We are running 614-3540 as the Application and Threats, ...

Remote access to PA box when internet connection is broken (PANOS update failed) - how to?

Hello Since month I have remote branch and PA200 there. Today I decided to upgrade from 7.0.9 to 7.0.10. According to change log 7.0.9 should fix upgrade problem, but something went wrong and I havent acccess to my device.Today I will solve my problem using car and long trip but for the future I'm looking for cheap and resonalble solution. Juni...

_slv_ by L4 Transporter
  • 3586 Views
  • 5 replies
  • 0 Likes

PAN-OS 7.0.9 any issues on PA-5050?

Hi Guys, Looking to upgrade HA pair active/passive from 6.1.12 to the 7.0.9. Anything that l should be aware of. I am checking known issues and release notes. Same for the security advisory. But maybe something from your experience (issues that currently reported but will be fixed in the next release) Thx,Myky

VPN / Proxy Traffic

We can see traffic associated with VPN and Proxy but this information is not included in reporting. (ex. Hotspot Shield)

Resolved! Determine type of data

Minemeld seems very nice, I'm trying it out in a vm. One thing I'm having a problem with is determining if the information retrieved is going to be an IP list or domain list. Does the processor care if it gets multiple kinds of data? Any other tidbits of information would be beneficial. Thanks!

chirss by L3 Networker
  • 4046 Views
  • 3 replies
  • 0 Likes

Netflix iOS tcp-rst-from-client

I'm having an issue with Nexflix not running on an iOS device behind a new PA install. Basically no filtering should happen from the PA at all; Nexflix runs fine with no PA in line. The configuration, which has most other applications and web access working: PA-3020, V7.1.4-h2 with 610 definitionsVirtualwire mode, with allow any, no profiles or ...

stuart.l by L2 Linker
  • 4127 Views
  • 1 replies
  • 0 Likes

Resolved! IKEv2 and PPPoE

Hello, Is there a limitation within the ipsec subsystem on the PA? Not being able to assign the ip address assigned to the unit via PPPOE to the tunnel. As below I have setup a static address on the interface, which is not available above: Thanks in advance.

IKE.png
Farzana by L4 Transporter
  • 5079 Views
  • 3 replies
  • 0 Likes

Resolved! Handling Google Mail (1e100.net)?

So our organization makes use of Google's cloud services as our email provider and it's a nightmare trying to control on the PA's as they don't accept wildcard's for IP's nor FQDN's. Challenge here is Google seems to send emails (SMTP) to every **bleep** *.*.*.26 and *.*.*.27 address on the planet (1e100.net servers) and gets old coming in ever...

PeterT by L2 Linker
  • 12874 Views
  • 11 replies
  • 0 Likes

Validation Error: profiles -> url-filtering -> <profile> -> license-expired Not available for PAN-DB

If during the switch from Brightcloud to PAN-DB the URL categories fail to migrate you will get a commit error on each profile that retains the Brightcloud URL categories. Validation Error:profiles -&gt; url-filtering -&gt; &lt;Profile Name&gt; -&gt; license-expired Not available for PAN-DBprofiles -&gt; url-filtering -&gt; &lt;Profile Name&gt; ...

Walhovd by L0 Member
  • 3974 Views
  • 1 replies
  • 3 Likes

GP Disconnects

Greetings, I am not sure if someone else has come across this issue before with global protect and just wanted to run by some of you guys. The issue that I am having with GP is that it randomly disconnects. The VPN connection perform fines when under relatively light load with no issues or disconnects. The issue arises when you begin to push the...

Traps - Change existing rule ID number

Hello All, It would seem to me that you are unable to modify the rule ID value of an existing policy in traps.Has anyone had any experience with this? I suspect you would be able to export the rule set, modify the XML, then re-import, but I was hoping for a way to just modify the ID number in console. Issue being, that although when new rules ar...

Ronen by L1 Bithead
  • 2014 Views
  • 1 replies
  • 0 Likes

Office 365 - not updating indicators for onenote, identifty planner, crl's

MineMeld is not retreiving indicators for o365 onenote, identity, planner, sway, office 365 video, crl's runing version 0.9.20. Is anyone having this issue? I've installed a second server fresh install of MineMeld and i'm seeing the exact same issue: Polls via logs but does not parse the data 2016-09-20T18:03:14 (4124)basepoller._poll...

onenote.PNG

VM-firewall available to create subinterfaces

Hello Community, I need to know if it is possible to create subinterfaces in the firewall, when the hyper visor is azure ? Because I need to configure subinterfaces and I can not see the option to create them. Best RegardsAndres Padilla

Apadilla by L3 Networker
  • 1896 Views
  • 1 replies
  • 0 Likes

Resolved! Application version 614

Hello Guys, New emergency application version is out 614. Checking the release notes not clear for me what exactly changed. I can see that Palo modified vulnerability signature. Ok what is it? and if l need this to be installed. Could someone clear it for me? Thanks all,Myky

APP release 614.PNG
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks