This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Crazy policies needed for BGP and VPN

Hi, first read this article: https://live.paloaltonetworks.com/t5/Learning-Arti​cles/Any-Any-Deny-Security-Rule-Changes-Default-Be​... then I have this exactly behavor but I don't have wrote any/any/deny rules! In my enviroment both intrazone-default and interzone-default are blocked. It's that the problem ? Bho? To build a VPN with BGP pro...

Vulnerability exemption

Hi what is actually simple-client-critical simple-client-medium I I want to change the default action from alert to block . the rule is under simple-client-medium , but the search result shows it is under simple-client-high Thanks

36029.png
sib2017 by L4 Transporter
  • 2453 Views
  • 2 replies
  • 0 Likes

URL White Listing

Hi all, First of all, we are impressed about MineMeld, thanks Luigi for your ideas and work. We have just started to play with MineMeld and wandering the format to whitelist domains and network ranges using stdlib.listURLGeneric (as wlURL) We would like to allow web access to any host at 192.168.0.0/16 and any URL to *.somedomain.com We tried se...

Resolved! CLI checking licenses

Hi everyone! 2 quick questions in 1: -To be able to include a URL as destination in a policy, do I need to have license for URL filtering?-How can I check what licenses do I have in the CLI? Thank you!

No Email protection for SaaS

The closest way to protect a SaaS email soltuion I have found is Proofpoint which has a wildfire API hook option. I am supprised there is no SaaS service for forwarding attechments or inline scanning of email directly from paloalto networks.

Tech101 by L1 Bithead
  • 3020 Views
  • 3 replies
  • 0 Likes

Resolved! Block Traffic Based Upon Countries Source. Vulnerability Protection and For a Specific Time Interval

Hello My objective is block automatically traffic IP for a different time intervals Based upon Countries (Top attack) and applying a vulnerability profile. This is my Vulnerability Protection Profile and his rules: Rules (1-3600 sec). I don't want block an IP for a long time. 1 test Critical1800. Where 1800sec=30minutes 2 test High 1200. W...

8Z5bcjp
4KvzKau
1sn4Sub
UN5P1bt
SOC_CSG by L4 Transporter
  • 5848 Views
  • 6 replies
  • 0 Likes

any to application default

We are working on hardening our firewall rules by replacing any to application default(service) and from any to the specific application(application). Example - we changed any to web-application and any to application-default. People hitting the same rule had different results some it didn't work and they weren't able to get to the web page and ...

jdprovine by L4 Transporter
  • 5621 Views
  • 11 replies
  • 0 Likes

High count of packet retransmissions/Dups over IPSEC/VPN

Hi! I'm running IPSEC-VPN (AES256/SHA256/DH14) tunnel between a PaloAlto PA-500 and a Fortigate 110C via Internet (10MBit up/down guaranteed both sides - latency between 40 and 50ms).90% connections are ICA/HDX connections (TCP 1494 and 2598) for XenDesktop connections.The connection is working not very well. The ICA-sessions are quite stable ...

e.g. ICA-Traffic
e.g. RDP-Traffic

ipv6 aggregator

Is there an ipv6 aggregator on the roadmap?I noted that the URL aggregator can already extract them when the miners includes ipv6 IPs in the URLs (ex: office365), but did not find a way to get just the IPv6 addresses.

mr.linus by L4 Transporter
  • 3173 Views
  • 1 replies
  • 0 Likes

Resolved! dns amplification attack

Hi, What are the best practices need to be followed to protect from the ddos dns amplification attack . How to filter the trace from the log if there is any attack happened ? Thanks

sib2017 by L4 Transporter
  • 6785 Views
  • 4 replies
  • 0 Likes

Resolved! RegEx for specific DNS strings

I was working on getting Data Filtering to block specific DNS requests with no resolution.So, I am creating a Custom Application for DNS with a Pattern matching, which is partially working.Working strings:Under Objects/Applications/("Added applications, DNS DDOS, DNS DDOS1, OUR DNS").Configuration: Category = "general-internet", Subcategory = "...

Export config from TFTP (non-management interface)

I was trying to export my running-config.xml with TFTP. It works fine when doing it from the management interface but is not working from any other interface. If I use the source-ip to export the configuration i get a Timeout even though I can ping my TFTP server with the sourced-ip I'm using to export. ANything that I need to change or missing ...

Who's coming to Ignite?!

We're only a week away from Ignite and the Live Community team can't wait. This year, we'll have an even bigger group of folks participating in the event. "reaper", "jdelio", and "kiwi" will all be there, participating in the Live Community booth, breakout sessions, and more. It's a great opportunity meet these community leaders, ask them questi...

Resolved! Session End Reason column NOT available on PA200

Hi All, I am checking traffic logs under Monitor tab. In order to troubleshoot issue and understand behavior of a specific traffic flow, I think "Session End Reason" column is really needed. That's why I am writing on community. We have two PA firewall: - PA-200 - PA-500 On PA-500 I can clearly see column mentioned, while on PA-200 is NOT...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks