This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Query regarding Dual ISP through 2 VPNs

Hello, Trying to verify fail over using redundant tunnel at two different sites but it does not work properly.Methods tried to test: 1:disabled the IPSec tunnel on one end, remote end which was monitoring the link failed over and chaned the routing table but the local PA kept the same route in the routing table. 2: changed the IPsec profile on o...

Farzana by L4 Transporter
  • 1744 Views
  • 1 replies
  • 0 Likes

Any stable release of 7.1 yet?

We recently purchased AutoFocus and I know for the firewalls themselves, it needs 7.1.x for a lot of the integration. Are there any recommened versions of 7.1 yet? I know 7.1.4-h2 was recently released. We mainly have PA-500s with a few 3020s and 200s out in production.

Resolved! urlfiltering.paloaltonetworks.com - certficate revoked??

Is anyone else having a problem browsing to urlfiltering.paloaltonetworks.com? We can't get to it from here. We are being told that the certficate has been revoked. (SEC_ERROR_REVOKED_CERTIFICATE) I tried two different paths to the Internet from our corporate network with the same results. The rest of paloaltonetworks.com is accessible. Than...

RSKadish by L2 Linker
  • 5823 Views
  • 5 replies
  • 0 Likes

Threat signatures requiring ssl decryption

Is there a way to determine if a threat signature requires ssl decrypt in order to provide protection. I undertsnad this could have at least three posibilities being fully required, partially required, and not required. Using signature 14616 in content version 608 as an example, I cannot determine if I will ever see hits on this threat ID if I d...

Lepton by L0 Member
  • 4085 Views
  • 4 replies
  • 1 Likes

Resolved! Issue With GlobalProtect VPN

Hi, Can someone please point me at the right direction? 2 PA-500 devices are in active-passive configuration. When connected via global connect, getting IP address in the correct range but cannot reach any internal address and trace route does not proceed beyond the first hop of the gateway on the Firewall. However, from a PC behind the firewall...

Farzana by L4 Transporter
  • 7660 Views
  • 9 replies
  • 0 Likes

PA v200 SSL offload

Hi, Please can someone confirm that if PA v200 virtual Palo Alto firewall can do the following? 1- Off load SSL request from customer (HTTPS) 2- Inspect the packet 3- Re-encrypt it and forward to next hop in secure (https) format Regards,

Blocking Web Advertising with PANDB and websites that check for blocking

Hello,For several years, we have been blocking URL content classifed as "web-advertisements" within PANDB. This has been extremely successful in stopping malicious ads from comprimising systems. More and more websites are now disallowing access to content based on any active "ad blocking" solutions. These sites now present the user with a mes...

MGoodnow by L4 Transporter
  • 3587 Views
  • 1 replies
  • 0 Likes

Embedded Word Templates - Clients on external networks to reject immediately

Hi Guys Wondering if anyone has any ideas on; There are external clients / users attempting to open word documents that use word templates stored on the corporate network drive. When the user is offsite and not connected to Global Protect or VPN and the user attempts to open the document, Word will attempt to open the template on the network dr...

PA strange behaviour

Hi, Last night (1.30am) it was a electric cut down in my office. This cutdown didnt affect to our PaloAltos but since this time we are expecting an strange beahviour in our Palo alto. During this morning the FW were flapping and we found one member in suspended state (reasons loop protection) Now its working fine but we are not sure about the st...

Resolved! Active Passive HA

I'm trying to setup HA for a pair of HA-3020 and the HA widget is all green and synched. I have a network connection on our cisco core on Ethernet1/3 for the trusted network called TrustedL3 on the Primary firewall. Do I need to use the same IP number from the Primary to the Passive firewall? I am routing my traffic to the internet from my loca...

DNS tunneling seems it's not recognized as "tcp-over-dns"

Since some weeks, we are suspecting DNS Tunneling usage.We saw a specific "application" being present on applipedia for this kind of action: tcp-over-dnsApplipedia description states:"DNS Tunneling is a technique to encapsulate any binary data within DNS queries and replies and tunnel it to any remote system and the Internet. There are several t...

Resolved! PAN OS 7.0.9 Issues???

I updated my 4 HA Pairs this wekend to 7.0.9 because we were running into an issue with Ldap periodically corrupting and locking users out of the GP portal. Anyone else on this release. any issues?

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks