This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4447 Views
  • 0 replies
  • 0 Likes

Resolved! Blocking macro-enabled Office files (docm, xlsm, etc)

The available file types that can be filtered doesn't include Office documents with macros (docm, xlsm, etc). These are being used now to sneak garbage into the network. Is there a way to ID them or are they on the horizon for inclusion in the file blocking filters? An innovative way that is being used is to create an xlsm file with a malicio...

gleduc by L1 Bithead
  • 13400 Views
  • 4 replies
  • 0 Likes

Resolved! Domain names in Security Policy

Does anyone know if it's possible to use a domain in a security policy? I know that I can use FQDN but what happens if I need to allow a wider range, such as *.zoom.us? Can this be done or am I out of luck?

BPry by Cyber Elite
  • 5700 Views
  • 4 replies
  • 0 Likes

GlobalProtect - Client Certificates Deployment

Greetings, I have used the following article to distribute client certificates for GlobalProtect: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Issue-Certificates-to-GlobalProtect-Devices/ta-p/53642 My understanding is that with this method of certificate distribution, all client machines will have the same client certificat...

Creid by L0 Member
  • 2631 Views
  • 2 replies
  • 0 Likes

QoS and interfaces - some conception advice needed

Hello I will migrate fom PA200 to PA500. I have some local networks (DMZ, Wifi for students, Wifi for stuff, LANs)I need to use QoS but I need some advice with that. I know that I can controll only on outgoing interfaces but I have no idea how to get it working with one condition: I wouldnt limit traffic from/to my local servers in DMZ. Now I ha...

_slv_ by L4 Transporter
  • 4391 Views
  • 6 replies
  • 0 Likes

Resolved! VM-300 Steps validation

Can some please these are the initial steps for setting up VM-300 in NSX? 1) Register auth codes for VM's2) Download the base-image on he VM that will host VM-300 firewall3) When download of sofware is complete I should UUID an dCPUUID4) After base configuration in VmWare NSX is completed I will be about to go to portal and register the new V...

Mounting Orientation for PA-500 (Vertical - Wall Mount)

Does anyone know if the PA-500 can be mounted using a 19" Rack mall mount bracket?(Front = Up) (Back = Down).Using something similar to this?https://www.startech.com/Server-Management/Racks/2U-19in-Steel-Vertical-Wall-Mount-Equipment-Rack-Bracket~RK219WALLV

mjdut18 by L0 Member
  • 1910 Views
  • 1 replies
  • 0 Likes

User-ID causing high CPU

Hello People, My client has receently upgraded to 7.1.3 and now the management plane is constantly running 100% on all firewalls. This is the following message displayed and filling up the userid.log 2016-07-22 16:43:38.660 +0100 Error: pan_user_id_agent_msgs_queue_msg(pan_user_id_agent_msgs.c:58): failed to insert msg into sending msg list We...

Looking to Learn Palo Alto

Looking for advice on cheapest way to learn Palo Alto? I am a consultant and dont have any Palo Alto licenses. Is a VM lab license affordable, is there trials or is ebay the best option? Thanks in advance!

daveram by L0 Member
  • 7005 Views
  • 8 replies
  • 0 Likes

VM-200 can't reach vSwitch from L3 interfaces (vSphere/VMWare)

Hi, I only can reach the mgmt interface. But not the other L3 interfaces, I tried setting those IPs @ the same vSwitch where the mgmt interface resides, but nothing. There are 2 Windows VMs (2008/XP) they see each other in any switch I configure them, but I can't get this work with the VM200 at VSphere. I tried setting it locally and the same r...

NRikle by L0 Member
  • 2460 Views
  • 1 replies
  • 0 Likes

PA Eval license in Unetlab

Hi I want to test PA in Unetlab 10.0-12https://nbctcp.wordpress.com/2015/06/26/bypass-firewall/But I don't have URL Filter eval license. QUESTIONS1. how to get eval license for 2 PA because I also need to test OSPF between 2 PAs2. with eval license beside URL Filter, what other features I can test tq

nbctcp by L1 Bithead
  • 3445 Views
  • 3 replies
  • 0 Likes

PA-200 Cable modem VPN sites needing a power cycle to restore connectivity

I have multiple remote sites that connect back to a main site through PA-200's, using Charter Communications cable modems. At various times the PA's stop forwarding traffic. I can no longer reach the PA's and I have setup management on the outside ip addresses. The only way to recover from this is to have someone at the remote site power cycl...

Resolved! How to add more one secondary NTP server

Hello community, It is possible to add more one secondary NTP server ?I need to add two ips (ntp server) like a secondary ntp servers, it is possible? In PANOS 6.1.10. Best RegardsAndres Padilla

Apadilla by L3 Networker
  • 3041 Views
  • 2 replies
  • 0 Likes

How to prefer 1 ISP for one application

I got why huge traffic is coming to port 3978.Application is identified as Panorama.Its hge Gbs of traffic in one session.The source IP is firewall management Ip and destination is Panorama IP.But why i need to kill this session means, we have a setup of 2 ISPs. We prefere this traffic should go through 1 ISP only one ISP.Tht we accomplish throu...

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks