This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! shell request failed on channel 0

Trying to do an SCP copy to a server, but I can't get past "shell request failed on channel 0". Using Solarwinds, and it says Authenticated user "username" from IP "ipaddress", but it always fails from the firewall. Any ideas?

craymond by L4 Transporter
  • 21861 Views
  • 4 replies
  • 0 Likes

Resolved! PAN-OS 7.0.2 SSL Decryption certficate untrust issues (No problem on 7.0.1)

Yesterday i upgraded my pa vm-100 from panos-7.01 to 7.02.After that facebook stopped working with SSL decryption on. After some testing and troubleshooting this seems to be the problem.The problem is that some akamai domains that facebook uses gives me an palo alto certificate untrusted page.for example this domain: https://fbcdn-profile-a.akam...

Beware ! PAN-OS 7.0.2 - Seemed to kill AV and inspection

Hello Environment Rule base is established and working with LDAP integration for users . Outbound SSL SSL decryption is also setup and working 7.0.1 Rules allow a group to talk to the Internet. Security profile are used for AV, Anti Spyware , URL filter and File blocking. SSL decryption is also setup . Symptom A bespoke Response Page is setu...

Deny the access to the servers in LAN zone

Hello, I need to restrict the access to a critical server in our company i the LAN zone . I add a security rule that restrict for exemple the address 192.18.1.25 to access to database server tht has the address 192.168.1.20 . I add a security rule from LAN to LAN with this address but the rstrection do't work! How can i do this restriction ? ...

RCHAIBI by L2 Linker
  • 4931 Views
  • 6 replies
  • 0 Likes

How to Allow an App But Block a "Depends On?"

From what I understand, you need to explicitly allow "depends on" apps for a given app to work, https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Check-if-an-Application-Needs-Explicitly-Allowed/ta-p/61893 However, what if I want to only allow the "child" application, but not the parent? My example is "logmein." We explicitly...

cosx by L2 Linker
  • 4384 Views
  • 2 replies
  • 0 Likes

Resolved! Eicar no longer in AV signatures?

Is Eicar testfile no longer blocked by PA? I've tried through 2 PA devices and on both occasions it arrived to endpoint station (where was blocked by endpoint AV). On 8th September 2015 same configuration was still blocking it. Yes, I am trying http version, I have AV on block etc.

santonic by L6 Presenter
  • 5561 Views
  • 4 replies
  • 1 Likes

Aggregate Ethernet Trunked Traffic in a VWire

Hi Team, I was wondering if the below is acheivable. I plan to deploy vwires for this setup. Upstream switch's are Cisco switch's and same with downstream. (downstream switch's are stacked switch's - so logically one switch) The red is indicating one VLAN, like wise blue. We are planning to create an aggregate ethernet with sub-interfaces and...

Screen Shot 2015-10-17 at 15.45.02.png

Issues with SSL Inspection

Hi, I am having this weird issue where an application breaks because of SSL inspection. I have made an exclusion based on the certificate:ssl-exclude-cert [ login.salesforce.com *.salesforce.com ]; However, the firewall still decrypts the traffic, and it looks like it does when a different application is detected: This traffic is generated by ...

salesforce.JPG
MMCiobanu by L3 Networker
  • 5494 Views
  • 6 replies
  • 0 Likes

PBF e-mail notification

Hello,Does anyone know if there's a way to have a notification e-mail sent when PBF kicks in? We had a hiccup on our Internet circuit and PBF worked flawlessy... so well though that I wasn't really aware of the circuit issue until the next day when I was troubleshooting something else related to the hiccup. There are probably a few different w...

dwoolley by L1 Bithead
  • 4759 Views
  • 4 replies
  • 0 Likes

Resolved! PA-500 6.1.4 Policy and URL filtering

Hi, I have very big problem with my firewall. I have a few URL filtering rules which I block some of sites. Example: 1. Allow social network(linkedin) block youtube -> name AllowSN 2. Allow youtube block social network(linkedin) -> name AllowYT 3 and so on And I create for this URL filtering policies where specific users(by ldap) can ac...

ITBT by L1 Bithead
  • 5248 Views
  • 8 replies
  • 0 Likes

PA 500 stop sending reports automatically by email

Hello, After upgrading two cluster of PA500 to 7.0.1, customized reports cannot be sent automatically using email.Using the 'Test send email' is working so it's not an issue with the config. The device stop sending the reports after 18 days... Regards, HA

licenselu by L4 Transporter
  • 3652 Views
  • 4 replies
  • 0 Likes

VLAN with Palo Alto Networks PA-500

Hello, We need to set up a VLANS in the office with the PA-500 but we don't like to change our address. It's possible to configure a VLANs with MAC address or protocole with PA-500? Thanks

RCHAIBI by L2 Linker
  • 7793 Views
  • 12 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks