General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Restrict Microsoft365 tenant

Hi, To restrict access to specified Microsoft 365 tenant (allow company M365 tenant only), I have tired to follow below link for configuration. Using HTTP Header Insertion For Sanctioned Access To Office365 ... - Knowledge Base - Palo Alto Networks But it's didn't work. Users still available to logon with personal M365 account. Since URL i...

Resolved! Trendmicro application identified as "ssl" despite of proper SNI, CN, SAN.

We have the Trend Micro agent installed on the endpoints, and it is running smoothly. However, the application is still being identified as "ssl", even though the packet captures show the correct SNI value in the Client Hello. In the Server Hello, both the SAN and CN fields contain multiple wildcard entries ending with *.trendmicro.com. The URL...

Setting up a ION device in Azure

Hello, We have 3 branch sites and we want to deploy a virtual ION device within our Azure tenant to connect it like another branch site. 1 - Is that possible? I see PA ION devices within Azure to deploy but I am not sure if it will accomplish what we want it to do. 2 - (If we can do 1) Is there any documentation on best practice setup for ...

Resolved! User ID agent not starting.

I am setting up backup user-id agent 8.1.10-2 on Windows 2016 Standard server.I have given all the required access to the user-id agent admin account but its not working / refusing to start.I am using the same credential on existing UID agent 7.0.8-13 running on Windows 2008 R2 and it runs fine. I attaching error messgae when starting UID servic...

Capture.JPG
Nischal by L2 Linker
  • 26441 Views
  • 12 replies
  • 2 Likes

Shared Pool Memory Allocation failure

Hi Team, I got 5 devices which are experiencing Shared Pool Memory Allocation failure at the same time displaying by a SIEM. So , I already shared the potential cause of the issue as you can see below : The sslmgr daemon attempted to perform an action (certificate validation) before completing its initialization.This typically occurs when:The ...

F.Pinar by L3 Networker
  • 1371 Views
  • 1 replies
  • 0 Likes

Setting static Management interface IP in Azure VM NGFW

Is there any way to set a static Management interface IP with PanOS 12.1 in Azure VM? There are no options in the GUI, just a show DHCP client information window. From the CLI, a static IP/GW/DNS can be set in the config and commits without error, but it does not apply to the interface. Any attempt to "set deviceconfig system type static" result...

Resolved! Unable to activate Precision AI network security bundles license

HiHow to activate Precision AI network security bundle for my 400 series firewall?Previously I was using core bundle since 2024. For this renewal, my partner provided Precision AI bundle. I have already received the auth code, but I’m unable to activate it on both the firewall and CSP portal.The error message is showing “use email link” or fail ...

zinkt101 by L1 Bithead
  • 3639 Views
  • 2 replies
  • 0 Likes

Config admin using radius group.

I have VM-100 running panos-11.1.13. currently i have local admins for msp -superusers and 1 customer user with a customer -admin-role profile. customer wants to have mutiple admins controlled by their radius. so radius profile and auth profile is configured. how can i attach admin user group(listed under auth profile) to admin role profile. I s...

Resolved! Is DoS Protection Detection Possible in TAP Mode?

I would like to ask whether DoS Protection detection can be configured in TAP mode. Since this is TAP mode, I understand that traffic cannot be controlled or blocked. However, what I want is simply to detect whether there are any internal DoS attacks. I have confirmed that TAP mode is included under Zone Protection. However, it is still not clea...

Resolved! Explicit allow to Microsoft Update services

I've read through a dozen questions and the scores of answers to those questions, and I'm finding a mix of outdated information, bad information or just unrelated options... I suspect this is going to send down a rabbit hole, so I'll try to compartmentalize based on my testing. I never progressed far enough to get close to a resolution. So, ...

bhelman by L2 Linker
  • 42242 Views
  • 8 replies
  • 1 Likes

Detection of AI Agent Run Time via XDR

Hi everyone, I’m curious about XDR’s capability to detect AI agent runtime activity. My understanding is that XDR is quite effective at identifying post-incident artifacts, C2 IPs, and similar indicators. is it also possible to detect AI agent runtime behavior?

D.Ciftci by L0 Member
  • 2812 Views
  • 4 replies
  • 0 Likes

User-ID mapping without ldap across an enterprise

Hi All, not having the best day with thinking 😞 Palo Alto Scenario: PA FW CLuster in HQPanorama Log Collector only in HQStandalone PA FW in SiteAStandalone PA FW in SiteBStandalone PA FW in SiteCStandalone PA FW in SiteD No Panorama mgmt in place. All Sites have L3 connectivity back to HQ FWs are configured to send logs to log collector...

PA_nts by L4 Transporter
  • 2940 Views
  • 3 replies
  • 0 Likes

Resolved! pa-450 issues and going down 2 days in a row

all our path monitoring profiles on our ISP links were down even though the ISP was up and we confirmed internet access. There was no ping connectivity from the ISP Firewall Interface to the ISP gateway and we have 3 ISP connection. When we removed the path monitoring profiles on the default route, there was still no connection. Downgrading the ...

F.Pinar by L3 Networker
  • 1707 Views
  • 4 replies
  • 0 Likes

Policy Cache Usage Warning After Upgrade to PAN-OS 11.1.13-h1

After upgrading to PAN-OS 11.1.13-h1, we started seeing the following warning log:Warning: Policy cache usage is greater than 80 percent of the capacity We have multiple firewalls in our environment, but this issue is only occurring on devices that were upgraded to version 11.1.13-h1. When checking with the following command:> debug datap...

khkim by L0 Member
  • 784 Views
  • 1 replies
  • 0 Likes

Captive Portal with custom images

Hello everyone,I'm trying to implement the custom Captive Portal Response Page with custom images in it. Is there a way to upload my own images to the Palo Alto to use them in the Captive Portal? I did found the info about using the custom images from outside web or FTP resources via URL tag, but it doesn't fit the requirements of my customer. S...

higawajj by L0 Member
  • 5071 Views
  • 2 replies
  • 0 Likes
  • 24404 Posts
  • 123 Subscriptions
Top Solution Authors
Labels