This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

Blocking Malware Callbacks

Malware Callbacks for command&control and also for data exfiltration are often transported in HTTP POSTs. The URL blocking of category malware URLs seems only to block the HTTP response. The GET or POST request seems to pass untouched to the server. So it is possible to exfiltrate arbitrary data in the GET or POST request. What is the su...

Unibw by L2 Linker
  • 3845 Views
  • 2 replies
  • 0 Likes

Interface question

Hi! This is our network: My question is about interface 1/6: I can ping the juniper from outside the network. But I can only ping the OpenVPN Server if I configure the IP-Address 80.0.0.5/32 explicit in this interface. Without this entry (80.0.0.5/32) I can't ping this server... why 🙂 !?

netz-skizze.jpg
interface-aktiv.png
Morneweg by L1 Bithead
  • 2770 Views
  • 3 replies
  • 0 Likes

Unlisted YouTube Video being blocked but All Other YouTube Videos are Viewable

Our company has hired someone to make a sales video and they have released a draft of the video on YouTube. The draft is an unlisted YouTube video and our users are not able to view it. The page opens and the video screen just spins, trying to connect and play the video. All users are able to view any other YouTube video that is publicly listed....

PA200 stops forwading traffic

Hi, we have a pa200 (6.0.8) whichs suddenly stops forwarding traffic. So we had to reboot the device via managment UI to fix the problem. After doin some research i found this knowledge article from palo alto: https://live.paloaltonetworks.com/t5/Management-Articles/Firewall-Slows-Down-and-Stops-Forwarding-Traffic-after-Applying/ta-p/59213 ...

voip_class
iweltag by L2 Linker
  • 2242 Views
  • 2 replies
  • 0 Likes

Resolved! PA-500 destination NAT not working on PAN-OS 7.0.3

Hi guys, I have a Zabbix monitoring server on an external IP/network which is listening on port 10060. I have a zabbix agent installed on my internal windows server that is also listening on port 10060. The server will make requests to the agent to query its status. To allow the Zabbix Server access to the internal network, I have setup dest...

TS Agent Source Port Redirection blocks ODBC connection

We have a deployment of the TS Agent on 2008 R2 terminalservers. The TS agent works as designed and reassigns source ports. However, one specific segment of one specific application that is based on MS Access fails to connect to an SQL server when the TS agent service is running.The application's vendor says they don't enforce specific source po...

Resolved! Google Safe Search Brightcloud

Anyone else having Problems with SafeSearch And Google today? We were having dozens of reports that no matter what it was blooking google saying safe search was not set even if it was, we Roled back from 4668 to 4667 and it seems to ahve fixed its self for us here.

Resolved! Ultrasurf usage increase

Hi, Since yesterday, I saw a big increase in the use of the Ultrasurf application. Actually, it went from 0 to 200k sessions per day. Is anyone else seeing this kind of increase? I noticed they modified that application in the last content update. Maybe PAN made a mistake somewhere? Thank you, Benjamin

Experiences with PAN-OS 6.1.8 ...

Hi all Does anyone already have installed 6.1.8 and tested? Are there any new issues? What I can tell so far is ... ... some sites with supported ciphersuites and TLS versions which did not work in 6.1.7 are working now ... websites with ECDHE/DHE Ciphers are working now respectively are not decrypted anymore when no decryption profile is appl...

Remo by L7 Applicator
  • 3504 Views
  • 4 replies
  • 0 Likes

Site-to-Site VPN with Dynamic Peer IP address not forming

In this set up, I'm trying to configure a site-to-site VPN between a PA and a Cisco 3G router (whose IP address will be dynamic). I'm unable to get the tunnel working. When I run the command 'show vpn ike-sa gateway <gatewayname>', I get no information about the tunnel. It doesn't even seem to know about the tunnel. Any ideas please?

Bocsa by L3 Networker
  • 6280 Views
  • 7 replies
  • 0 Likes

Disabled policy rules

Hi, Under monitoring , still disabled policy rules matching to some some session . And the session status are most of them 'incomplete' .Why ? Thanks

sib2017 by L4 Transporter
  • 2591 Views
  • 3 replies
  • 0 Likes

Resolved! DNS traffic allowed for one server but dropped for another

I have a perplexing problem with allowing DNS traffic from internal to the internet on our new PA-3020 running 7.0.3. We have 2 DNS servers in our datacentre on the same subnet that perform queries to a couple of external DNS servers provided by our telco. I have a rule allowing traffic from the 2 IP's (Internal Zone) for our DNS servers out...

Mitre10 by L0 Member
  • 5523 Views
  • 1 replies
  • 0 Likes

What Dynamic block lists do others use?

Hi there, I have recently started wanting to setup using some Dynamic block lists in my PA box. I just wondered if others use these and if so, which sites do they use? I was inially looking at using these 2. www.spamhaus.org www.openbl.org Any others that you would suggest? Or even, if you have reason to not use the above 2 I would lov...

JRussell by L3 Networker
  • 3255 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks