This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

About FSCK on Panorama

Hello My customer use two M-100s. One is used to Panorama and another is used to log-collector. I upgraded two M-100s from 6.0.9 to 6.1.10. I used manual upgraded way because environment what can not access to internet. 1. panorama was upgraded to 6.1.0 manual. 2. panorama was upgraded to 6.1.10 manual 3. log-collector was upgraded to 6.1.0 m...

Resolved! How to activate new cert for GUI on 7.0?

Hi all, On 6.1 and prior, I could choose 'Certificate for Secure Web GUI' under Device tab > Certificate Management > Certificate. On 7.0, I can't find this option. I generated SHA-2 self signed certifacate on the box. Then, how can I use this certiface as webui? In addition, 'set deviceconfig system web-server-certificate <cert_n...

emr_1 by L5 Sessionator
  • 2829 Views
  • 2 replies
  • 0 Likes

Resolved! Custom Captive Portal Agree to terms checkbox only?

I would like to setup a captive portal on my guest wifi, but I am not interested in capturing info for user ID, I just want to force the users to see a terms of use that they have to click through before connecting. I have looked at the custom templates but I am not sure if I can really over ride them the way I want. Has anyone tried to do t...

Tech101 by L1 Bithead
  • 3697 Views
  • 2 replies
  • 0 Likes

multiple shared gateway deployment

Hello folks , I was wondering if multiple shared gateways (on one firewall ) is allowed . I found a matrix that was saying some PA models support up to 8 shared gateway but inside admn guide it tells us only one shared gateway is possible in the entire firewall . there is discrepencies in the documentation ; anybody had the same experience ?

Drive Mapping with Global protect

Hi Community, I just needed to run a niggling issue with some of you as we are experienicing with our global protect. We have global protect to do pre-logon connection to the global protect gateway. Once the user is authenticated we except drives to be mapped. However, we are experiencing an intermitten random issue where sometimes all the...

Resolved! packet capturing pa

Hi, in packet capture , what is actually firewall stage type ? . Why thers is rx and tx separate ? sorry for asking a fuzzy question ? Thanks

sib2017 by L4 Transporter
  • 9635 Views
  • 8 replies
  • 1 Likes

How to properly configure POP3 AV and malware inspection

Dear Live Community, I was wondering how I have ro configure pop3 traffic inspection in order to protect my network from malware and viruses in mails sent to me. My Linux server pulls various mail servers in the internet using fetchmail every couple of minutes. The connection is tcp/995 POP3S. The PAN is working in virtual wire mode between my...

daubsi by L1 Bithead
  • 2872 Views
  • 1 replies
  • 0 Likes

Help with "Deny All, with whitelist of domains"

I have been trying to test out a new policy that will need to be implemented by our security team. This involves a Deny All rule, with a rule right above it that allows a list of domains. These domains include SaaS services, Cloud, and other domains that users must access to achieve daily production. I have tried to make the whitelist based on ...

kaboom by L0 Member
  • 3372 Views
  • 3 replies
  • 0 Likes

Resolved! Radius/TACACS Question

Is it possible with 6.1.x to where if a user wanted to change radius/tacacs password (before it expires or just because the want a new password) they can . Or if a user locks him/her self out and needs to change password. Is there a profile for this type of activity?

Resolved! PA200 Failures

We started deploying Palo Alto in our environment about 6-7 months ago. We're up at 19 PA200s in production (we also use Panorama). Since we've been deploying these, I've had 6 units fail at 4 different sites. The failure is always the same, basically the ports 1-4 are dead. On some reboots they show as unknown/unknown/up when nothing is plu...

sshshowintunknownup.PNG
sshshowint.PNG

URL Category

We use PA URL Category to block access to some sites i.e. Social media etc. I would like to export all the category names and their respective settings block / allow / alert etc. to an Excel or Text file. Can this be done, if so how

RC-BHF by L2 Linker
  • 2351 Views
  • 2 replies
  • 0 Likes

Blocking WORD docs which contain macros

In the course of a regular day, it is not uncommon to receive regular legit word documents from people via email. However, increasingly we are getting documents pretending to be resumes, and the .doc file contains macros. Our version of Word 2013 treats these as protected documents and the macros do not auto open like the malicious user intend...

cenders by L3 Networker
  • 4012 Views
  • 3 replies
  • 0 Likes

Resolved! HA failover when failing a little more?

Hello, sorry, if I missed something obvious... but I need your help, because I have no lab environment where I could answer my question by just testing.... I have two PA-200 with HA Lite. Both have an outside interface connected to a switch: Firewall F1 with switch S1, Firewall F2 with switch S2. S1 and S2 have an interconnection. Now th...

OCEDTRA by L1 Bithead
  • 5100 Views
  • 4 replies
  • 0 Likes

Whatsapp traffic not always recognized properly

Hi All, it seems that in the last days the whatsapp application is not always correctly recognized. From logs we can see that some connections are blocked. We don't think is due to the last dynamic updates, because we reverted it to precedent version does not solve the issue. We have look into the community but no one suggestions was found. Ha...

TheRealDiz by L4 Transporter
  • 16063 Views
  • 13 replies
  • 0 Likes

Difference between: Start Time | Generate Time | Receive Time | Elapsed Time

Hi All, I have question for you. We have analyzed our log and seems there is something that is not properly correlated. Here below a little explanation regarding parameters mentioned: ------------------------------------------ Receive TimeTime the log was received at the management planeGenerate TimeTime the log was generated on the dataplaneT...

Time_Stamp_Logs.JPG
  • 24335 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks