General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 305 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question? Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf by Community Team Member
  • 3649 Views
  • 2 replies
  • 14 Likes

Resolved! Active/Active HA in vwire mode - Link Monitor

When configuring an active/active pair of 5060s in vwire mode, is there a need to configure link monitoring? The 5060s are sitting behind an HA pair of Cisco 5585s and want to ensure the Palos failing over will not affect the traffic from the ASAs.

...

ICMP Output

I'm getting odd ICMP output when I try to ping from the untrust interface to a location on the internet. The ping is successful but there is additional output.

Has anyone seen this before?

fw> ping source x.x.x.x host 8.8.8.8
PING 8.8.8.8 (8.8.8.8)

...

RFalconer by L3 Networker
  • 1850 Views
  • 0 replies
  • 0 Likes

Resolved! Acknowledge Traffic Log Threshold Alarms

We recently reached the point where our traffic logs are reaching 90% of quota and alarms are being generated.  I understand that this behavior is normal and I do have the option of turning alarms off if I wish.  I don't want to turn them off but I s

...

herrmoss by L2 Linker
  • 4291 Views
  • 5 replies
  • 0 Likes

Using wildcard pattern/ regex in URL filter

Hello,

I like to exclude subdomains from decryption. Therefore I've created a URL category. But I don't like to exclude all subdomains, only specific subdomains.

For example: I like to exclude domains starting with "whatsapp" and ending with "facebo

...

IP conflicting error

Hi, we have configured an HA pair on our two PA-VM200 Palo Alto firewalls. Now the IP addresses of my interfaces eth1/1 (inside 10.1.1.1) and eth1/2 (outside 10.1.1.2) are showing the same as primary 10.1.1.1 on both firewalls and I am getting IP conflicting ...

User-ID Agent Windows 2003 logon events

Hi all,

I sometimes have a really hard life mapping domain users with old Windows 2003 forests using UID Agent (no matter if version 6 or 7)

I'll try to explain: when and only when using UID Agent I cannot read all users logon events or, worse, I ca

...

GlobalProtect - PW Prompt when LDAP Auth is down.

Hi all,

I tried support on this, didn't get much help.  I am using PANOS 7.0 and GlobalProtect 2.2.1

I have a couple hundred GlobalProtect clients using Windows.  I am using pre-logon (always on) with LDAP authentication.  The goal is to

...

mmclimans by L3 Networker
  • 5556 Views
  • 9 replies
  • 0 Likes

Dual NIC - IP Mapping Issue

This appears to happen at random to a random subset of users.

Environment:

> 160 AD DCs

4x UIAs (2 - 80 DCs / 2 - other 80 DCs)

Assume:

All possible DCs that a user would authenticate to are being monitored by the agents.

Scenario:

When users with laptops c

...

Auto upgrade on OS

It looks like an upgrade for the OS comes out about every other month. Has anyone come up with a way to automate the upgrade process, and can you receive email notification of when new OSes come out?

jdprovine by L4 Transporter
  • 1734 Views
  • 2 replies
  • 0 Likes

Resolved! Custom Report group by problem

Hello everybody! I am trying to make a custom report to see which users are using our VPN and when. I only need the user and the date, so using the database "Traffic log" is enough. I have only 2 columns selected: Source User, and Date. The run now ...

Detecting encoded C2 Communication

Does anyone have experience detecting C2 communication that is encoded?  I've been working with some malware that communicates back with base64 encoded blobs inside (legit looking) http traffic.  I'd like to be able to decode the base64 text within t

...

saajr63 by L0 Member
  • 1298 Views
  • 0 replies
  • 0 Likes

nsatc.net shows as spyware?

I have a ton of entries in my spyware logs for DNS attempts to nsatc.net

Some digging suggests this is a site run by Microsoft related to Windows Updates.

False positive?

  • 24184 Posts
  • 100 Subscriptions