General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

Sinkhole Feature Trouble

We implemented the DNS Sinkhole feature about the time 6.0 came out. I've actually had a hard time using the threat and traffic logs for incident response. We can't pinpoint which hosts are hitting what URLs or malicious domains. The threat logs show all the suspicious DNS queries that come from our DNS servers but not the hosts themselves (beca...

How Does DNS Sinkholing Work?

Can anybody offer a detailed explanation of how DNS Sinkholing works and possibly a real world example of it? I can only find this documentation: How to Configure DNS Sinkholing on PAN-OS 6.0 and it doesn't provide a lot of details on how it works. It seems like the DNS request is allowed but when traffic starts to flow the firewall notices the des...

Can't get syslog to work via data port

Hello folks, Maybe someone has seen this before. I've got my syslog profile, log forwarding and policy setup the way they should be configured but the only exception is that I'm using a data port and UDP 1514. I've configured a service route and also allowed the syslog server on my interface management profile. The connection between the firewal...

x by L1 Bithead
  • 3009 Views
  • 1 replies
  • 0 Likes

Resolved! Configuring a port for a dedicated WAN link.

I recently ordered a 1GBPS dedicated fiber connection between my primary site and DR site. The ISP doesn't assign me an IP address or anything and says it is just a layer 2 connection. So I am a bit confused on how to configure my PA 3020s (one at each location). I have installed an sfp module from PA into each side but they are not coming up....

Mogus742 by L0 Member
  • 3389 Views
  • 1 replies
  • 0 Likes

critical severity default action alert

I am trying to understand the meaning of the default critical vulnerability action "Alert". This question was brought up by management who gets the PAN Content Update email and I want to give them an accurate answer. For example, Adobe Flash Player Memory Corruption ID 38112 is rated as critical and, as most critical vulnerabilities, the default...

Resolved! Baseline Procedure for DOS Prevention

Hello everyone, I was looking at setting up the DOS profile/protections on a PA-3020. I obviously need to baseline the traffic/system and was curious if there are any docs, perhaps hidden, that would help me in this. Essentially I will need to grab stats. I realize Cacti can do this, but my customer does not have any available tools. :( Thank you...

dbrenipc by L3 Networker
  • 4290 Views
  • 2 replies
  • 0 Likes

How do I create a browsing report that's easy for a CEO to read...

Hi, I have been tasked with creating a report out of our Palo Alto firewall that shows the following. For a period of 1 month: Users Hours\Sessions on a website. Top 20 visited websites. Top 20 Categories. We are using the user agent so all the data should be there, I can see some of it but getting this into a format that's easy to read for a CEO? Can some...

tezza by L2 Linker
  • 4986 Views
  • 2 replies
  • 0 Likes

Trouble differentiating between malware already seen by WildFire and malware 'first seen' by WildFire

I'm having trouble determining which malware has already been seen by WildFire (therefore it was not re-sent for analysis and blocked by the FW) vs. a file that our organization sent to WF and was determined to be malicious after analysis (not seen before by WF). This would significantly help our organization respond to malicious files that may...

r_gine by L1 Bithead
  • 4967 Views
  • 3 replies
  • 0 Likes

Resolved! Custom Button on URL Continue Response Page

Is it possible to create a custom button for the URL Continue Response Page? My customer is complaining that the Continue button that is part of the pan_form is too small and would like to create a larger one to use.

jwolach by L4 Transporter
  • 12936 Views
  • 8 replies
  • 0 Likes

Polycom cannot answer a call

Hi all. I have a problem with Palo Alto and Polycom. When I make a call from inside to outside >> it is OK. When a call comes in from outside >> I cannot answer. I open all ports, allow all applications such as: h.323, h.252, rtp... Please help me know why.

dat.tran by L2 Linker
  • 8334 Views
  • 9 replies
  • 1 Likes

Import ssh key

Is there a way to import an ssh key into a firewall? For instance, I run the following commands: ssh-keygen -t rsa (The public key is now located in /home/demo/.ssh/id_rsa.pub. The private key (identification) is now located in /home/demo/.ssh/id_rsa) ssh-copy-id user@myfirewall. When I run the ssh-copy-id command, it asks me to login and I get this: Un...

QoS Guaranteed

Hi, I would like to book (guaranteed egress) 5Mbps for streaming in one of my vlan. My outside-Internet (egress) interface is eth1/1. The class for streaming is CLASS 1 (real time), right? What's the difference between "clear text traffic" and "tunneled traffic"? I'm using a PA2020, I can do QoS for limited bandwidth and guaranteed in this model...

SOC_CSG by L4 Transporter
  • 4054 Views
  • 5 replies
  • 0 Likes

Resolved! ISP Failover Email Alert

Recently we configured ISP failover on two PA500s using PBF for the primary ISP and the virtual router for the backup ISP. We would like to set up some kind of email notification, or alert when this failover occurs. I've looked through the Admin Guide to try to figure out the best solution and the forums and haven't found a solution yet. What wou...

How to configure PAN to Azure VPN tunnel

I'm sure I'm not the first one to do this, but since I wasn't able to find a document on how exactly to do it, I figured I'd contribute one. I'd appreciate any corrections or optimizations. The Azure side documentation is pretty clear online and honestly there aren't many options available to configure. But here is my Azure address space for ...

bjdraw by Not applicable
  • 15039 Views
  • 8 replies
  • 4 Likes
  • 24359 Posts
  • 124 Subscriptions