This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4127 Views
  • 0 replies
  • 0 Likes

Resolved! Many-to-One Destination NAT

Hi, We currently have a problem on site where our windows domain name matches the website name so the naked domain DNS configuration contains an A record for a web server and not the domain controllers. As a short term workaround (because it could take 2-3 years to plan and change the domain name) I'm using the destination NAT feature. In my tes...

panos_screenshot_campusmsdcsuat.png

Url category unknown for dropbox and msn

Hello I'm using BrightCloud URL Filtering (at the moment I have 4792 version on my device). I'm started testing this functionality (security policy with url filtering in monitor mode). In Monitor tab in URL filtering section I see: How it's possible that DropBOX and MSN are in unknown url category? Regards SLawek

2016-05-19_095625.jpg
_slv_ by L4 Transporter
  • 2258 Views
  • 2 replies
  • 0 Likes

Resolved! Question about HA 2 link

Hi Team, Good day!My questions is in regards to the HA 2 link. It is a l2 link. However, we can have an IP address on it. However, lets say that we have no IP address on dedicated HA 2 link on both sides. Now, If I have a L2 switch in between How will one side come to know about other's MAC address? Thanks in advance. Regards.

yadsingh by L2 Linker
  • 3099 Views
  • 1 replies
  • 0 Likes

Resolved! PPS Report

Has anyone built a custom report to get packets per second for a destination? I see we can get total packets transmitted/received over a given period of time, but nothing for calculating pps right in the report. Any suggestions? Thanks!

AmyTyler by L2 Linker
  • 4627 Views
  • 4 replies
  • 0 Likes

Resolved! User-ID Agent error

Hi, I am getting the below error in domain controllers DCOM was unable to communicate with the computer 10.0.129.3 using any of the configured protocols; requested by PID aec (C:\Program Files (x86)\Palo Alto Networks\User-ID Agent\UaService.exe). Event Xml: Please help to get rid of the problem Thanks

sib2017 by L4 Transporter
  • 5127 Views
  • 1 replies
  • 0 Likes

Searching a Howto for two ISP Connection and two Lan

Hello, i seach a HowTo for configuration two different ISP connections and two different LANs. Both should nothing to do with eatch other. They should be seperate. Is there any where a HowTo for this configuration? I only found twi isp connection for use with Backup connection but nothing for user bothe with different networks.I use a PA200 for ...

Resolved! Pan agent

Hi, I was using windows 2008 Domain controller and Palo alto ldap profile configured. ,Now changing to 2012 So which version of panagent need to be installed.Where can i download the panagent ?Is there something need to be done on paloalto side after migrating dc Thanks

sib2017 by L4 Transporter
  • 3398 Views
  • 3 replies
  • 0 Likes

No traffic being logged at all

Hello, we've got a bunch of virtual palo alto firewalls running 7.0.1. One set are running fine, largely configured with no issues. The other set are in a different environment, all the infrastructure is the same (same type of hypervisor, same version, all that) The only significant difference is that in the second environment, each PA is part o...

PaulAlto by L0 Member
  • 3246 Views
  • 5 replies
  • 0 Likes

management down

Dear engineers.Here again asking for help and advice.Implement a PA500 in L3 mode, in which trust in part through mpls 192.168.1.10 and have to get to the adminstracion that has the IP 192.168.1.20, but from another network that is in the MPLS not get to the administration of equipment such as:172.16.0.12 can not reach the administration of PA, ...

Edluna by L1 Bithead
  • 1898 Views
  • 1 replies
  • 0 Likes

Resolved! Ping outside interface from inside

Can somebody explain how I would be able to ping the IP address on an untrusted interface from inside (trusted). I setup a interface management profile on the interface and I can ping the outside interface IP address from the public internet, but not from inside. I don't see any drops, and creating a policy has not seemed to help either. I'm t...

bbilut by L3 Networker
  • 4571 Views
  • 1 replies
  • 0 Likes

Resolved! Handling Unknown TCP iSCSI traffic

I have a Dell Equalogic SAN that is replication to an offsite location. The traffic is sent over via a VPN tunnel (Certificate based). This traffic is being reported as unknown tcp. I can verify that the traffic in question is in fact the SAN traffic as the source and destination matches. I also read that the PA normally flags certificate based...

jharlow by L3 Networker
  • 4273 Views
  • 3 replies
  • 0 Likes

SSL Decryption

We do SSL Decryption on our PA. Recently we have been seeing a lot of sites that do not decrypt Chrome comes up with ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION Firefox does not have any meaning full error message A quick google shows that it is to do with disabling of SSL v3. When the site is added to no decryption policy it works, so obviously...

RC-BHF by L2 Linker
  • 4497 Views
  • 5 replies
  • 1 Likes

Resolved! User-ID Agent questions?

Hello I have few questions regarding user-ID agent that is installed on DC (domain controller) 1- When the user login to machine, agent on DC send the username/IP details to PAN immediately? 2- Say after 10 minutes, user log off then agent on DC send the username/IP details to PAN immediately? 3- Multiple users login to one machine using s...

Kashif by L2 Linker
  • 10529 Views
  • 8 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks