This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1393 Views
  • 0 replies
  • 0 Likes

Google QUIC Disconnects

We started getting complaints from users that various Google services were showing intermittent disconnects. I think we've tracked it down to the QUIC protocol not being accurately identified by the PAN firewalls and getting blocked. I see 443/udp tr

...

cosx by L2 Linker
  • 3597 Views
  • 2 replies
  • 0 Likes

Reporting on Security/NAT Polcies and Hit Counts

Is there a way to export the current Security and NAT Policies to CSV, or even just PDF?

 

I need to clean up a dirty firewall that I inherited, but I need other teams to let me know what is active/inactive. Screenshots or CLI outputs can work, but I

...

Resolved! Statistics/reports on how much SSL-traffic you got?

Hi, any of you who knows if there is a whitepaper or such on how to generate a report or otherwise pick out the numbers/figures/graphs for how much SSL-traffic you got vs non SSL-traffic through a PA device?

 

That is both in bandwidth and number of

...

mikand by L6 Presenter
  • 9982 Views
  • 17 replies
  • 0 Likes

Policy Based Forwading Capability Question

Hello All, Was just wondering if anyone may be able to help with this our question.

 

Please see the attached High Level Diagram. Both Firewalls are PA 3020's with the full licence set enabled. We need to replace the ISA server which is not providing

...

Data Flows.jpg
WesNeary by L1 Bithead
  • 6027 Views
  • 5 replies
  • 0 Likes

Resolved! Multiple Tunnels with 0.0.0.0/0 proxy-ids

The scenario is 3 firewalls, with PA-HO acting as the hub and PA-1 and PA-2 as the branch sites. The Branch sites connect to the head office network via ipsec tunnels to PA-HO and vice-versa.

Due to multple dis-contigous subnets on the branches, it w

...

Resolved! About address and EBL limitation for maximum

Hello.

 

I want to know my question what address and EBL maximum from you.

 

1.

https://live.paloaltonetworks.com/t5/Configuration-Articles/Using-IP-Address-Lists-on-Palo-Alto-Networks-Policies/ta-p/57411

The above documnet describes " Each imported

...

Resolved! Log timestamps

Hi,

 

My query is about how the Palo Alto firewall timestamps logs when it sends them to a syslog server. Does it stamp the logs with UTC (GMT) time or does it use the configured local time as the timestamp? I notice when reviewing logs on the device

...

How to check GlobalProtect IP Pool

While troubleshooting a user's inability to connect to GlobalProtect, I wanted to verify there were IPs available.  However, the IP pool did not appear under the DHCP servers.  How can I check to make sure there are IPs available within the IP pool t

...

breedend by L1 Bithead
  • 5269 Views
  • 1 replies
  • 0 Likes

PA syslogs and change logs

Is it possible to send the syslogs for only the system changes from the pa to solarwinds?  How to you configure the PA to send the change logs to solarwinds?

jdprovine by L4 Transporter
  • 8005 Views
  • 21 replies
  • 0 Likes

Decryption issues with certificate.

This is a new deployment and testing decryption. I have generated a self signed cert from the firewall and imported it into the local trusted root authority store on my computer.

 

If I try to go to a site that is encrypted (eg https://www.google.ca

...

Andrew.C by L0 Member
  • 2568 Views
  • 2 replies
  • 0 Likes

Captive Portal Customization and Device Detection

I have been tasked with modifying our Captive Portal, from Palo Alto, that current users see when they connect to our guest Wi-Fi here at the Upper Canada District School Board. I have read most of the documentation related to the captive portal and

...

dcletech by Not applicable
  • 2587 Views
  • 1 replies
  • 0 Likes

SSL / Outlook Web Access not identified by App-ID

I have a customer that is using a PA-5020, and when users try to go to certain Outlook Web Access sites, it won't work for them.  Checking the logs, I can see where the user initiates a connection over port 443 to the destination OWA server, but App-

...

  • 24186 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks