This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

XML API

hi , i enter follow . but occurs error (Malformed Request) https://10.21.63.99/api/?type=config&action=set&xpath=/config/devices/entry[@name=%27localhost.localdomain%27]/vsys/entry[@name=%27vsys1%27]/rulebase/security/rules/entry[@name=%27rule1%27]&element=%3Csource%3E%3Cmember%3E12.12.12.1%3C/member%3E%3C/source%3E%3Cdestination%3E%...

PAN could generate system log about max session and cps?

Hi.I want to know about system log.When Max Session fully exhausted, system log could be generated?When CPS limit reached, system log could be generated?PANOS 5.0 could generated a system log for high DP CPU. I want to know description of system log when high DP CPU event be occurred Thanks.Regards

Roh1 by Not applicable
  • 3734 Views
  • 3 replies
  • 0 Likes

Resolved! Bottom Custom Reports

So PAN systems come with a lot of awesome custom report options, but I want to find policies that aren't being used very much, perhaps let's say 0 hits in 7 days. I'm attempting to do this in a much more simplistic and preferable-to-read fashion by sorting by count and grouping by rule. The issue is that I cannot sort by count ascending, everyth...

question for block amazonaws

Hi I recently got many amazonaws.com IPs listed in my attacker list from my daily report as below. How do I block all traffic from amazonaws, and I cannot find it from my traffic monitor and why? Please give me some hints? 52.5.42.249 ec2-52-5-42-249.compute-1.amazonaws.com 1054.85.146.141 ec2-54-85-146-141.compute-1.amazonaws.com 952.91.113.8...

Bin by L1 Bithead
  • 5031 Views
  • 2 replies
  • 0 Likes

How to generate SNMP Trap for testing purposes on PAN OS?

Hello I'm on PAN OS 6.1.8 and I try to test my reporting/alerting system. Is it a way to generate trap from PAN os from CLI/GUI? P.S. This doc https://live.paloaltonetworks.com/t5/Configuration-Articles/SNMP-Trap-for-Port-or-Link-status/ta-p/56280 is realy outdated but still searchable. It also doesnt have info of PAN os. Regards Slawek

_slv_ by L4 Transporter
  • 4367 Views
  • 1 replies
  • 0 Likes

python-script How to add source address to gpolicy (XML API)

Hello, i would like to add source address and destination address in a policy using XML API. below syntax is right? /api/?type=config&action=set&key=key_value&xpath=/config/devices/entry/vsys/entry/rulebase/security/rules/entry[@name='test']&element=<source><member>192.168.1.1</member></source><destinat...

RADIUS authentication and multi-vsys configuration

Hello, i have a pair of 5020, with multi-vsys environment and i want to be able to separate admin access based on vsys and read-only/read write access. I successfully configured following admin access scenario, using external RADIUS server: separate read-only user access to all vsys separate read-only user access to only one vsys separate read-w...

What is the "Allow" action in Data Filtering log for Wildfire?

Hello, I understand what forward, upload, and upload skip mean in the Data Filtering logs for wildfire. But some files I see the Action listed as "Allow". What does this mean exactly? I've been searching for an hour and can't find any reference to that action. Thanks, Elliott

epeeler by L2 Linker
  • 2633 Views
  • 2 replies
  • 0 Likes

Resolved! Configuration Migration between same series appliances

Hello PAN Community. I would like to read your opinions/comments about the following situation: we currently have a HA Scenario deployed in production with 2 PA-3050 in active-pasive mode, both of them with PAN-0S 6.0.4. We plan to replace the scenario with PA-3020 appliances and both of them with PAN-OS 6.0.6 installed. How should we proceed? I...

Resolved! SSL Decryption - log for SSL certificate errors?

Hi all, We are using PANOS URL Filtering and SSL Decryption, and we reject a variety of SSL certificate problems such as expired certificates, SHA-1 signing, etc. When one of our users hits one of these web sites, they get a "block" page. This invariably leads them to submit a request to have the site unblocked, without any additional inform...

RSKadish by L2 Linker
  • 8798 Views
  • 3 replies
  • 0 Likes

Resolved! Proxy IDs help

HelloI have a Palo Alto Firewall which wants to have IPsec Tunnel with a peer firewall which is a Checkpoint Firewall. Any of the firewalls can initiate VPN Traffic. Can someone kindly let me know, what proxy IDs can be set on my Palo alto firewall for the following 2 cases.Case 1:My internal networks for VPN (Palo Alto Firewall) : 172.16.10.0/2...

way to do site-to-site with single tunnel and preserve security rules for intra and interzone?

hello all, I've got to add a new satellite office into our network and I was hoping to do this with a single tunnel. If that were all that was required I'd probably be fine, but it's complicated by the fact that several years ago when our network was built it was decided, presumably for budget reasons, to use our PA hardware as router, firewal...

Domain-map showing no result

What can be the possible reason for debug user-id dump domain-map showing no result. I have a domain with netbios name as test where in the actual domain is test.abc.def.com. I am using user-id agent. I am pulling mapping from the user-id agent as test\usernamewhere as group mapping as test.abc.def.com\group.when I tried to use domain-map comman...

Westcon2 by L3 Networker
  • 2692 Views
  • 1 replies
  • 0 Likes

Wildfire signature

Hi folks, After Wildfire detect that file is malicious , how can i block this file or how can i find this malicious file signature ?

  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks