General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4246 Views
  • 0 replies
  • 0 Likes

Resolved! DNS sinkhole log action on DNS rule

https://live.paloaltonetworks.com/t5/Articles/How-to-Configure-DNS-Sinkhole/ta-p/58891 explains how to configure DNS Sinkholing. In step 3 the anti-spyware profile is added to the security rule that allows DNS traffic. Does logging (at session end) need to be enabled on that rule for sinkholing to work? Or does it only have to be enabled on the r...

dieter_b by L4 Transporter
  • 9273 Views
  • 11 replies
  • 0 Likes

Resolved! Best Practice for insufficient-data

Hi all, What are you doing with traffic identified as "insufficient-data"? I know we are supposed to do pcap and try to identify it, then create a custom app but ... in real life 🙂 Although you have created a rule for denying all, insufficient-data still goes through the firewall (like "unknown" traffic) inbound and outbound !! Most of this traffic ...

VinceM by L5 Sessionator
  • 33715 Views
  • 3 replies
  • 0 Likes

Except Specific IPs from port scan detection / Zone Protection

I have a highly regulated environment with multiple internal security zones. We need to be able to run our vulnerability scanning solution against servers in separate zones on a routine basis. It was simple to exempt the scanner's IP from the Threat Prevention stuff (created a new security profile group which alerts on everything instead of block...

SDorsey by L4 Transporter
  • 13936 Views
  • 13 replies
  • 0 Likes

NAT DIPP fallbacks

Hi there, I'm seeing NAT DIPP fallbacks quite a lot relating to a NAT rule. There does not appear to be anything not working, so I'm wondering if it's something that I'm not noticing work. Occasionally it feels more sluggish than it should when browsing web pages but that's about the only thing. There's only one NAT on the firewalls, it's set to fall back to an...

Resolved! PANOS6.0.5 Inbuilt CA can't generate a certificate with UPN (user principal name) attribute?

PANOS 6.05 inbuilt PAN certificate authority doesn't seem to have the ability to generate a certificate with subjectalternate value for UPN (user principal name, e.g. user@domain.local). This is the standard way that Microsoft embeds usernames (UPN format) into certificates. On PAN CA generated certificates you could set the username/samaccountn...

CMG by L2 Linker
  • 2599 Views
  • 1 replies
  • 0 Likes

SQLinjection not being detected by PA

Hi, we are receiving these tries about SQL injection but our Palo Alto is not detecting it. How can we make PA detect this SQLi????? We have updated the threats signatures. Sql injection GET /ficha-modelo?id=2&entidad=99999999%27%20oR%20%277%27=%277 HTTP/1.1" 500 59878 "-" "Mozilla/4.0 GET /ficha-modelo?entidad=!S!WCRTESTINPUT000000%3C%3E%3...

SOC_CSG by L4 Transporter
  • 5732 Views
  • 8 replies
  • 0 Likes

Active/Active L3 problem with asymmetric routing and NAT

I'm stumped. I've looked through as many pieces of documentation and discussions as I can find and I think I have everything set up correctly, but it's only half working. What I have is two PA-5050s in Active/Active. I have two routers on the outside, each has a L3 connection to both firewalls. I have two routers on the inside, each has a L3 ...

Hybrid whitelist/blacklist Policy

I played around on our lab FW a bit but couldn't get this working. Here are my objectives: - Create a "White List" custom URL category that allows only a handful of web sites. (Working with URL Filtering profile.) - Log all permits (Working. I got this by setting Action to alert) - Create a "Black List" custom URL category that denies a bunch of "n...

Resolved! URL Filtering - Bypass for Level 1-2 Support

Good Afternoon I have a request to look into a way a Level 1 - 2 Support Person can easily bypass a blocked URL. Be it by policy, a custom button on the response page, captive portal, or a combination of whatever might be needed to do so. Has anyone set something like this up? Is it possible? And what would be the best practice or best metho...

Resolved! How many can I create url-filtering profile on 5050?

Hello, I have two questions. 1. How many can I create url-filtering profile on 5050? 2. And I have watched as below output of cli on 3020, sylee@PA-3020-uquest(active)> show system state filter cfg.general.max* | match profile cfg.general.max-profile: 150 Is this count including all profiles (AV, AS, Vul, URL, File, Data)? If right, Can I crea...

Wildfire .ace archive support

Does Wildfire support the .ace filetype? I've received messages that should have been filtered that have .ace payloads. The message attachments are clearly malware based on virustotal. The message bodies are classic phishing type attacks. I have all filetypes being sent to Wildfire from our mail gateways but this one doesn't seem to have match...

Drop all packets

I added an exception to a spyware profile to drop all packets and it now says it's dropping and allowing the packets. How can that be?

jdprovine by L4 Transporter
  • 6289 Views
  • 9 replies
  • 0 Likes