This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4477 Views
  • 0 replies
  • 0 Likes

Custom vulnerability Signature

Hi, I am trying to create a custom threat signature based on the HOST: header in the URL request and URI request field. The signarure is working as expected. Issue is when I tried to add a pattern which is less than 7 bytes in http-req-host-header field, the signature is not accepted by the device. Any help is appreciated. RegardsThanzeer

PA4020 to PA3050 migration path

Hi, We bought a PA3050 appliance that will replace our PA4020 appliance. So I need to know how to migrate data and configuration from the older one to the older one. Is it possible jutst by copying files from one to the other?. Thanks

elaporte by L0 Member
  • 3006 Views
  • 3 replies
  • 0 Likes

PA object naming schema/convention?

Was about to create a naming schema for PA firewalls objects, but I am wondering if someone already has something I can model mine on so I don't have to reinvent the wheel.

Snake by L0 Member
  • 6424 Views
  • 4 replies
  • 0 Likes

Reports only show 5 rows of information

I'm attempting to create a custom report, where data is generated in either 10 or 25 rows. For example: Top 10 denied applicationsTop 25 URL CategoriesTop 5 users for top 5 apps My problem comes when the report is generated and emailed. No matter the custom report, the data will only show the top 5. So I get: Top 5 denied applicationsTop 5 URL C...

BRiden by L0 Member
  • 2871 Views
  • 2 replies
  • 0 Likes

Resolved! How to Configure Action for 'automatic blocking an IP for an hour' in a vulnerability scanning?

Hello,This would be possible to implement?Configure my firewall to make a action for 'automatic blocking an IP for an hour' in a vulnerability scanning.Objects -> Custom Objects -> VulnerabilityExample: IP auto-block attacker for 1 hour, if 10 times in 10 seconds Any Scan Vulnerability Bash.I want "OR" condition. Here. addition to "IP add...

Imagen 1.jpg
Imagen 02.jpg
Imagen 15.jpg
Imagen 16.jpg
SOC_CSG by L4 Transporter
  • 18626 Views
  • 6 replies
  • 0 Likes

Could I change session timeout to 24 hours for all applications?

Hello, I have two questions.First, Could I change session timeout to 24 hours for all applications?Each applicaitons have each different session timeout value.My customer would like to change session timeout of all applications to 24 hours.Do you knew way better easy? Second,I knew there are two way for changing session timeout.The one is global...

Resolved! WildFire logs not consistent

I'm having problems with Wildfire logs on one device (PAN-OS 6.1.6). In Data Filtering logs I can see many files being either uploaded to WF or skipped recently. But in WF logs I only see some old files marked as 'malicious'. I don't have any filter set. I also checked logs via CLI and the result is the same: just some old files marked as malici...

santonic by L6 Presenter
  • 3016 Views
  • 2 replies
  • 0 Likes

IPSec-ESP trough PA-7k only unidirectional best practice? Work around bug (ID:80950)

Hi, due to a bug (ID:80950), that PANW is not able to fix, it is necessary to create seperate IPSec-ESP policies for both directions trough the PA-7050. IPSec-ESP that comes in response to a opened session is being dropped if there is no separate policy for incomming ESP traffic. Example:-Client are allowed to open IPSec-Connections from "trust"...

Unibw by L2 Linker
  • 4654 Views
  • 2 replies
  • 0 Likes

Resolved! Diferences between Global protect 1.2 and 2.3 clients?

Folks. I upgraded my firewalls from 2020's to 3050's on the weekend (oh, and isn't it a joy to have firewalls that I can actually administer without waiting 20 minutes for something to happen on!), but I ran into a bit of a problem with upgrading Global Protect. My old firewalla ran the 1.2 client because I didn't want to load it up with anythin...

darren_g by L4 Transporter
  • 4606 Views
  • 6 replies
  • 0 Likes

Resolved! BGP MD5 through the firewall

HI,if i want to allow two BGP peers to communicate through the Palo ALto and the two peers use authentication, for other firewalls since randomize tcp sequence is enabled this feature will not work without more config, is it the same case with Palo Alto, is randomize tcp suqunce a default option in PAN and does it require extra config to allow B...

hannk013 by L0 Member
  • 4090 Views
  • 2 replies
  • 0 Likes

User activity report customization

I'm trying to create a user activity report for a machine used by multiple people. The manager wants to see what internet activity from this machine looks like, across three shifts (24 hour period). I can run the prebuilt User Activity Report against the machine's IP address, and with detailed browsing checked, and it gets everything. The proble...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks