This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Active Directory Testing

Hello Community, My first posting here. I have successfully configured LDAP / Active Directory on my VM ESXi. My Palo Alto can connect to the AD, see image However, I don't know how to test to see users in the monitoring logs. I will need a VM to log on to the AD from within the virtual environment but not sure how to do that. Can some...

LDAP.png

Resolved! Configured, Enabled Nodes not showing up under Minemeld > Nodes.

After reboot, none of the configured nodes (all enabled) are showing up under "Nodes". Tried restarting services and VM. Further configuration commits without any errors, but still no nodes show up. Minemeld logs attached. (/opt/minemeld/logs/*) Any ideas where to start troubleshooting? -Nasir

nbilal by L3 Networker
  • 7935 Views
  • 5 replies
  • 0 Likes

Group Mapping

I have created my LDAP server profile and my group mapping under user identification. However when I try and force the group update I get an error. Server error : op command for client useridd timed out as client is not available Any ideas?

JeffTQT by L2 Linker
  • 2976 Views
  • 1 replies
  • 0 Likes

Resolved! URL FILTERING

dear engineers.could you help me!!I have the following problem with the URL filter:I commented that I have blocked the streaming media category in which enters youtubewhen I open firefox without any problem with the rule applies both http and https.But when I open the page with chrome does not apply the rule.I can do help me !!!

chromeyou.JPG
firefoxyou.JPG
Edluna by L1 Bithead
  • 4992 Views
  • 5 replies
  • 0 Likes

Resolved! Support for static local IP and Domain Lists

I'd like to start by saying, that this is an amazing tool! Thanks for sharing this, it has great potential and my customer is excited. One question: is there currently any support for creating and maintaining local IP and domain blocklists on the MineMeld? Instead of setting up a miner to go out and consume a feed, we'd like to be able to create...

nbilal by L3 Networker
  • 6445 Views
  • 4 replies
  • 0 Likes

Google Drive Sync client with Decryption

There seemed to be a work around in the past where you could launch googledrivesync.exe with a --unsafe_network switch that would allow it to deal with the decryption because they seem to have their own preloaded set of CA's the client trusts and doesn't not look at the OS certificate store for a list of trusted CA's. So anyway this used to work...

bbilut by L3 Networker
  • 3260 Views
  • 1 replies
  • 1 Likes

Web GUI Font Readability Issues After Upgrading to 7.1

Since upgrading to 7.1 I've noticed that the new font used in the Web GUI is very hard to read. In many places it appears squished and just looks wrong. In the list of what's new in 7.1 this is actually touted as a "font update" but it sure seems like a step backwards to me. Has anyone else noticed font readability issues in 7.1? Web Interfac...

Fonts.jpg

PA-500 Throughput

The PA-500 datasheet indicates that the maximum throughput for traffic being filtered by App-ID is 250Mbps https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/datasheets/pa-500/pa-500-ds.pdf What it doesn't say, is what if I just have two devices connected to two 1Gb ports and the PA is just doing switching between the two ports w...

RustyPA by L1 Bithead
  • 3705 Views
  • 3 replies
  • 0 Likes

Decryption causing more sites to fail

Just floating this out to the community. We have had decryption enabled for the past 2 years. In the last 6 months we are adding a new site to the no decrypt category about once a week. We are up to 94 sites that it can't decrypt. Yesterday it was Office365 exchange that stopped woeking, today was the kicker with microsoft updates failing even t...

craymond by L4 Transporter
  • 5487 Views
  • 6 replies
  • 0 Likes

ACC Behaviour

Hello everyone! I've got a question about the behaviour of the new ACC in 7.0 and above. I can apply a global filter for the action of deny. When I do this, the graphs show no data, even if I click refresh. If I click 'jump to logs' with the filter still in place then I can see the logs/data in there ok. Removing all ACC filters allows t...

bmorris1 by L4 Transporter
  • 2653 Views
  • 4 replies
  • 0 Likes

show counter global filter category flow aspect dos

Hi, Below is output of 'show counter global filter category flow aspect dos' What does it mean by value and rate . Does it mean '143291' packets dropped ? name value rate severity category aspect flow_dos_red_tcp 1143291 0 drop flow dos flow_dos_pf_ipfrag 57444 0 drop flow dos flow_dos_pf_icmplpkt 1100 0 dr...

sib2017 by L4 Transporter
  • 6305 Views
  • 11 replies
  • 0 Likes

PA blocks outbound port 10443, doesn't show up in logs

I have and external website that I need to access on port 10443: https://<public IP>:10443. The connection never completes and times out. If I pull the PA FW out and throw in an ASA, works just fine. The logs on PA don't even show port 10443 being accessed or logged. No matter what log I check, I find nothing. Any idea? Thx

dclark1 by L1 Bithead
  • 5114 Views
  • 8 replies
  • 0 Likes

SMTP weird characters

Hi everyone!My client's SMTP traffic goes through ASA and Palo Alto and some other network application devices such as proxies and stuff.At some point, the SMTP message gets some SMTP characters added. I removed ASA ESMTP inspection just in case, and still the characters appear.Is there any kind of inspection such as the one in ASA to disable in...

incomplete and ddos drops

Hi The following report shows incomplete Database: Traffic LogColumns: Source Zone, Source Address, Source Port, Destination Zone, Destination Address, Destination Port,Application, BytesQuery Builder: (app eq incomplete) and (port.dst leq 1023) but the " show counter global filter category flow aspect dos " does not give any indication of drops...

sib2017 by L4 Transporter
  • 2150 Views
  • 1 replies
  • 0 Likes

Importing device into Panorama with shared objects

Hello I would like to import device into Panorama with all objects as shared into Panorama. I read the below line from PA documentation Import devices' shared objects into Panorama's shared context is enabled by default, which means Panorama imports objects that belong to Shared in the firewall to Shared in Panorama Now the question is the how t...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks