This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

AV version confusion

Hi all, I have a HA pair (A/P) of PA-500s and one of the devices seems to be giving mixed messages about the version of the AV definitions in use. This has been the case for a couple of weeks now. It is not causing problems as such, but it is not right either. If anybody can advise on how I can get our PA-500 to report correctly it would be ap...

pa-av-post1.png
pa-av-post2.png
pa-av-post3.png
DavePalo by L4 Transporter
  • 3839 Views
  • 2 replies
  • 0 Likes

Palo Alto Redundant interface

Hi Guys, i want to connect the Palo Alto in a cross connection to switches. In cisco there is something as Redundant interfaces (link http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/intrface.html#wp1046014) is something which like this feasible in PA firewall or something a solution for this scenario. As per m...

connectivity.jpg
NiteshS by L2 Linker
  • 8767 Views
  • 5 replies
  • 1 Likes

Facebook videos working again?

So I've set URL filtering to block on the "streaming-media" category which has successfully blocked Facebook videos for months. This week, the videos started working again and it seems it's because they're using a different CDN domain (or multiple ones) -- is it better to block by the App-ID "facebook-video" instead of URL filtering?

Problem upgrading GlobalProtect

Hi,I’ve some problem upgrading GlobalProtectNow I’ve 2.1.1 versionActivating a new version (I try with 2.2.2 and also with 2.3.1) automatic upgrade fail and I need to manually remove GlobalProtect and install new version again. I also tried to install 2.2.2 and then trying an automatic upgrade to 2.3.1 but it still fails This is the log (T688) 0...

diennea by L3 Networker
  • 3209 Views
  • 1 replies
  • 0 Likes

How to export a list of disabled security policies

Hey all; This is probably a question that's been asked before but I'm wondering if there is a way to export a list of all security policies currently disabled. I'd like to have a short list for review. I've only been able to find the CLI to show unused security policies, and from the Policies section I can list all "disabled eq yes" but no way...

cafowler by L2 Linker
  • 3367 Views
  • 1 replies
  • 0 Likes

Resolved! Application Subcategory Report

I want to know how to run a Report on all users who used a File-sharing App. If i use Traffic Log i dont see Application sub category as the Attribut choice.

parichie by L0 Member
  • 2748 Views
  • 1 replies
  • 0 Likes

Resolved! Public wildcard certificate for use with Captive Portal

Hi guys, I have a scenario whereby we have a publicly issued wildcard certificate for our organisation and I'm wanting to use this in conjunction with Captive Portal on the PA-500. I've set all policies up and configured Captive Portal to redirect to a Loopback interface on the firewall (through the use of a DNS name which resolves to the IP of ...

Any luck with 7.0.2 out in the field?

I am curious to see if anyone has upgraded to the newest 7.0.2. I tried 7.0.1 but had a few issues with a commit command to one of my firewalls. Still working on that but has anyone installed 7.0.2 and are you happy with it?

PAN-OS 5.0 CLI script to change TCP and UDP Timeout Values for Default Applications on device

I have a requirement to change the timeout values on all of the paloalto os preconfigured/default applications (2000+ applications). Using the web interface, it would require opening and configuring each individual application. Can anyone lend assistance by pointing me to a CLI script that can make easier work of this task. Greg

townesgs by L0 Member
  • 2216 Views
  • 1 replies
  • 0 Likes

Resolved! Management Interface

Hi, Is it a good idea to connect the mgmt interface directly to wan ? or should it only be accessible locally and via an access server for remote management ?

Global Protect - Problem with name resolution DNS/WINS

Dears, We are facing a strange problem... sometimes external users connected via global protect cannot resolve names without the sufrix domain... Example:\\NAMESERVERorhttp://netflow:8080 Strange behavior below: when we ping that name we see that it is not being resolved...But when we do a nslookup we see the name resolution is OK browsing pro...

ScreenShot162.jpg
ScreenShot163.jpg
ScreenShot161.jpg
ScreenShot164.jpg

Custom vulnerability Signature

Hi, I am trying to create a custom threat signature based on the HOST: header in the URL request and URI request field. The signarure is working as expected. Issue is when I tried to add a pattern which is less than 7 bytes in http-req-host-header field, the signature is not accepted by the device. Any help is appreciated. RegardsThanzeer

PA4020 to PA3050 migration path

Hi, We bought a PA3050 appliance that will replace our PA4020 appliance. So I need to know how to migrate data and configuration from the older one to the older one. Is it possible jutst by copying files from one to the other?. Thanks

elaporte by L0 Member
  • 2898 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks