General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

SSL decryption inconsistency

Hi, I have enabled decryption on a small group for testing purposes. I have a simpel 2 rule setup, first exluding financial, health and custom white listed and then decrypt everything else. I have a hard time finding out why the same site in the same browser on different pc's behave differently. For example my colleague got ERR_SSL_PROTOCOL_ERRO...

Resolved! Processes on the Palo.

Hi,There are various processes that maybe restarted using the debug command. Most are self explanatory. But whats the difference between l3-service and routed ? and webserver and management-server ? and vardata-receiver.> device-server Device server process> l3-service L3 services server process> log-receiver Log R...

How can I add multiple IP Ranges to one Address Object

I need to create one Address Group, ExchangeCloudIPs-Grp, with many IP ranges. I have PA-500, How do I accomplish this v 7.01. What is the easisest way to accomplish this so I can go back later and add remove IP ranges?

Resolved! how to clean disk space-GUI getting session timeout

not able to access firewall using GUI getting session timeout > show system disk-spaceFilesystem Size Used Avail Use% Mounted on/dev/sda2 1.9G 1.8G 0 100% //dev/sda5 6.6G 3.9G 2.4G 63% /opt/pancfg/dev/sda6 1.9G 1.1G 709M 62% /opt/panrepotmpfs 1.3G 69M 1.2G 6% /dev/shm/dev/sda8 2.4G 1.5G 784M 66% /opt/panlogs

Resolved! Issues with Asymetric Routing

Hello Community, I need your help to how to identify the asymetric routing in my PA-3020? and what are the best way to allow or bypass these traffic until solve the routing issue the third party device?. Best RegardsAndres Padilla

Troubleshooting downloading large files

Hi , Downloading like large files continously failing , when bypass it seesm to be ok ?How could i start an investigation ?Thanks

Resolved! NAT rule being applied wrong

Hi, we have a static NAT from this ip 192.168.200.8 (zone DMZ) to 195.57. (zone VPN). But we realised that the NAT rule which is matching is wrong.Its matching the NAT rule (ftp.arag.es) but this rule has a filter by "Destination zone" Externa. And the real traffic is VPN<->DMZ Why PA is applying this rule if not being include the destian...

Resolved! User-id and re-identifying auto logon users

We have a fairly large group of thin clients that auto logon to a user account that is used for launching their Citrix desktop. We are also using the PAN firewall to use NTLM (browser-challenge) for captive portal for internet access for all users. What this means is that we have over a 1000 machines that all have an ip to user mapping to the sa...

Solar Winds

Is anyone using solar winds to monitor their PA firewall?

Migrating Sonicwall

Has anyone migrated from a sonic wall to a palo alto? If so how did you do it? The palo migration tool seems to support a load of firewalls but not sonicwalls. Is it a case of doing it all manually or is there a migration tool around that I'm missing? Any help would be massively appriciated.

Resolved! Graphing Application Usage over time with SNMP

Hi All, Is it possible to graph the application bandwidth over time using something like SNMP? Essentailly I am looking for your typical Bandwidth graph that you normally see with SNMP but I would like to graph it for just an application for example Facebook. I know you can do with live with the QOS features but I would like to have this graphe...

Ultrasurf

SomeBody knows how to block ultrasurf

GlobalProtect Welcome Page Frequency?

Hello... When useing the GlobalProtect Welcome Page I've noticed it is only displayed on the client when they first connect, I assume once a day. Is their a way to either force it to display every time a connection is made, or to make the PA think it's the first time someone has attached? Thank you.

Resolved! Zone Protection exception

Hello,We’ve a problem with one of our customer.Probably due to a carrier router misconfiguration, packets coming from - and only - a specific IP source are matched as fragmented by PA. As consequence, due to a Zone Protection and Fragmented Traffic profile applied to that zone, some kind of traffic that comes from that IP is discarded (for examp...

Shared gateway and BGP setup problem ?

Hello all, This is the first time I post to the community. Before posting this message I've read a lot of information and I only can thanks everyone for all the interesting information found here. We have some difficulties to set up a "working" shared gateway with our Internet connection with BGP. I'm not sure where the problem is from, if it's ...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!