This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4246 Views
  • 0 replies
  • 0 Likes

User-ID agent configs in multiple templates not stackable??

I'm only able to get User-ID agents pushed to the firewall that are in the top template in the stack. I was quite certain this worked when I installed it but have since done OS upgrades. Panorama is 7.1.2. I have the User-ID agents running on two servers there in my "Global" template and then on the device specific template I need to have my PA ...

bspilde by L4 Transporter
  • 2405 Views
  • 2 replies
  • 0 Likes

Autocommit failed. Device not up :(

Hi, I have installed the version 6.0.13. we had a eeroor doing commit "Threat database handler failed" so we decided to restart the device and now the autocommit is failing and the device is not going up. We can access by ssh and GUI but the service interfaces arent going up. I have tried to downgrade to 6.0.3 and upgraded again to 6.0.13, but t...

Resolved! GlobalProtect Client Can't Access Internal Resources

There is a specific issue with a laptop client who cannot access internal resources. I know it is not a user permission issue, as he can access from his home PC on the same network with no issues. There is something wrong on the laptop itself and I cannot figure out what it is. The GlobalProect client stays connected and can access the Internet ...

rpm4242 by L1 Bithead
  • 13488 Views
  • 6 replies
  • 0 Likes

Analysis and control of protocol running in SSH like SFTP

Hi, Any ideas on better controlling what gets transferred over a decrypted (by the Palo Alto's ssh decryption feature) SSH session. I don't see an option blocking file up- or downloads via the fileblocking feature for SSH or an other corresponding protocol, nor is it possible creating a custom definition (for what's being transferred within SSH)...

session end threat

I had a user that was not able to connect through a mapped drive to one of our servers. Looked in the monitor and it said session end reasson threat but it didn't identify anything about the threat not cve no ID information

jdprovine by L4 Transporter
  • 3046 Views
  • 4 replies
  • 0 Likes

Blocking EXE files but allowing file names

Hi guys, I'm trying to block .exe files, but allow file names for some users. For example, I would like to allow the GoToMeetingLauncher.exe for GoToMeeting webinars, but the links look like the below which means it can't be done. https://download.citrixonline.com/launcher2/helper?token=e0-qZ0xbknQkdODLP_tA0HpRDCszfG5OkCLe4-4_8LabqVRaLatg9Q4O51...

PA-200 Slow browsing with url filtering

Hi, a couple of questions on the matter: - to get URL reports i need URL Filter on the rule to be on . Is this correct? Or can i have url reports without that enabled?- with a PA200 with 1 computer connected, with URL fitler when i enter the website, it takes 4-5 seconds to show the page. without url filtering on the rule the page displays immed...

myrdin by L2 Linker
  • 4526 Views
  • 3 replies
  • 0 Likes

True test to verify dns sinkhole configuration is correct

Hi Team, We recently had a support case where a user followed all the guides on the kb and found that the sinkhole feature appeared to be not working. After a few quick tests we determined they had configured it correctly. The issue was the domains noted on some of the articles on the kb which used to be classed as malicious domains are no long...

avnotes.PNG
avnotesdomains.PNG
nslook.PNG

Resolved! Printing Application

I was wondering about a printing application on Palo Alto. Is there an app I can allow that allows printer ports automatically, or should I do it by creating a service?

blandis by Not applicable
  • 10665 Views
  • 3 replies
  • 0 Likes

Cannot loggin with my own personal account

Are there more people having trouble login in to websites of Palo Alto. I pass my PCNSE 7 today, but login in the palo Alto Live community website, no way.The company I work is parner, but we not owning PA firewall our self, juist managing the PA's of our customors.I send mail to Palo Alto, but they telling me I have to give a serial number of m...

Url Filtering Doesnt Works (not-resolved)

We faced with problem in URL filtering. While trying to open any site PA returns blocked mesage and url category : unknown.This is the output from CLI : test url nasa.govnasa.gov not-resolved (Base db) expires in 0 secondsnasa.gov government (Cloud db) The same output for any site.Resolving works.ping host nasa.govPING nasa.gov (52.0.14.116) 56(...

Failed to determine issuer

Hi guys, I have a certificate that I need renewing as it's expired, but I am seeing "failed to determine issuer" when attempting to do this. The certificate is a self-signed certificate, but it wasn't generated on the Palo, but rather an external CA. Do I need to remove this certifiate and renew it on the server I generated it from, or should I ...

Redistribute Route to GlobalProtect with BGP

Background:We have a 172.20.0.0/16 internal network that is connected to our Amazon AWS VPC. A route is successfully advertized to our AWS peer using BGP and from the local network I can reach our server instances in the VPC. AWS resources are assigned an address in the 172.21.0.0/16 network. After I created a remote-access VPN using Global Prot...

Resolved! Block streaming media for sports only

Hello, We have received a request to block streaming media only for the sports category. Is that possible and how would we go about doing that? We have a PA-3020 running software version 7.06 thank you mike

JustMike by L1 Bithead
  • 6233 Views
  • 6 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks