General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 222 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 901 Views
  • 0 replies
  • 0 Likes

Resolved! Restart daemons/services

Is there a way to manually restart daemons and services in the CLI?

I have a box with sslvpn configured. The sslvpn suddenly stopped working and the portal page doesn't load. I double checked the config and the traffic logs show the traffic as being a

...

SDorsey by L4 Transporter
  • 17299 Views
  • 8 replies
  • 0 Likes

Error: Certificate failed to load: invalid certificate chain

Hi there,

I generated a CSR with PAN-OS 6.1.3 and submitted it to our Microsoft AD CA with subordinate CA template. After uploading the certificate it shows up under the root CA certificate of our domain. But when commiting the changes I get an "Error

...

cale by L1 Bithead
  • 11336 Views
  • 4 replies
  • 0 Likes

How to forward traffic (URL) to a syslog server?

The $misc variable can only be used for Threats?

How to register the URL in syslog server?

CEF Key Name: request

Full Name: requestURL

Data Type: string

Length: 1024

Meaning: URL or filename for threat logs

Palo Alto Networks Value Field: $misc

from PANOS_6

...

UNIVALI by L0 Member
  • 2444 Views
  • 1 replies
  • 0 Likes

preemption loop detected

Hi,

I have two PAN 500 in HA A/P configuration with PAN OS 6.1.3 and virtual wire configured with link detection failure ANY. I tested link failure detection in way to disconnect one side of Vwire and passive device takes over and became active. After

...

Tician by L3 Networker
  • 4602 Views
  • 1 replies
  • 0 Likes

HA A/A or A/P

Hello All,

I have such situation where considering in which mode to put HA PA configuration. As you can see on drawing, customer consider to put PAN in sandwich of VRRP cluster and vLAG virtual switch. VRRP has one virtual IP and MAC, and all destined

...

Tician by L3 Networker
  • 3302 Views
  • 3 replies
  • 0 Likes

Global Protect LDAP Child Domains

Has anyone setup Global Protect with LDAP for Child Domain or have a link to a doc on it?

Global Protect works perfect for users in the parent domain. Want authenticate users in the child domain.

ddavis1 by Not applicable
  • 2968 Views
  • 2 replies
  • 0 Likes

File blocking .doc isnt working

Hi,

We have configured a policy for File blocking in order to ask confirmation before download .doc files.

doc file: www.apd.cat/ca/media/2165.doc

This is the policy

When i try to download this .doc file, the browser stuck loading but it shows nothing, t

...

SOC_CSG by L4 Transporter
  • 5659 Views
  • 11 replies
  • 0 Likes

NTML authentcation for Captive Portal

Hi All,

I am looking for ways to configure Captive portal policy with NTLM authentication.

I have read a good number of PDFs from Palo alto but still unable to understand how do i configure it.

In short i need to know how do we configure NTLM authentica

...

ArjunDAS by Not applicable
  • 3317 Views
  • 3 replies
  • 0 Likes

Resolved! This webservice call is only available to Panorama

Dear folks,

A few weeks ago we noticed a strange error message in our Panorama management software. If we navigate to "Panorama \ Device Deployment \ GlobalProtect Client" we receive the following error message:

We close the message box but the area st

...

oschuler by L4 Transporter
  • 2853 Views
  • 2 replies
  • 0 Likes

site-to-site vpn from Sophos

IKE coming from a Sophos device is incorrectly identified as application ciscovpn instead of application ike.

Is this because Sophos uses cisco-ish protocol ? All I see in the logs is udp 500...

I'm happy allowing application ike, our other site-to-sit

...

dieter_b by L4 Transporter
  • 2641 Views
  • 3 replies
  • 0 Likes

Ignore usernames that start with sophos?

On our servers we have the User-ID being mapped as companyname.com\sophosCOMPUTERNAME

Sophos is our AV software which uses that account for getting updates. Is there anyway for me to add any names beginning as sophos to my ignore_user_list.txt?

pmc by L2 Linker
  • 1872 Views
  • 1 replies
  • 0 Likes

DShield top 20

Is anyone currently using this dshield top 20 list subscription? How well does it work/ Is anyone blocking inbound, outbound or both? What is the best way to configure it?

jdprovine by L4 Transporter
  • 3791 Views
  • 6 replies
  • 0 Likes
  • 24018 Posts
  • 115 Subscriptions
Top Liked Authors
Labels