This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1961 Views
  • 0 replies
  • 0 Likes

Resolved! IPSec VPN with Cisco ASA behind NAT

I'm trying to establish a ipsec VPN tunnel with a Cisco ASA with a peer address behind a NAT fw.  We have checked all ike and ipsec crypto parameters, and successfully established vpn with Cisco ASA before.

Phase 1 is failing due to time out, and we g

...

arnljot by L1 Bithead
  • 6529 Views
  • 2 replies
  • 0 Likes

question

session closes due to aging out but the traffic shows allow can someone explain to me what is happening

CurtisG by Not applicable
  • 1723 Views
  • 1 replies
  • 0 Likes

Resolved! dynamic block list

The setting for the dynamic blocklist gives you the selection of hourly, daily and weekly at _____. I understand the hourly, daily and weekly increment but at refers to what ?

jdprovine by L4 Transporter
  • 2125 Views
  • 1 replies
  • 0 Likes

PA5050 .configuration backup

Hi All,

Could you please provide doc for how to take configuration back up for PA5050.

I am planing to upgrade software version .6.0.3 to 6.0.10

KMallela by L2 Linker
  • 2866 Views
  • 2 replies
  • 0 Likes

How to report malware

Hi

I know that I shuld report by WilDFireportal - I did it many times but now I have a problem.

hxxp://www.kazevid.com/kSCdM3iIRbrKlZ contains malware reported as Trojan-SPY/Win32.emotet.qz or Trojan/Win32.vbkrypt.ynhg.

This email that contains such lin

...

_slv_ by L4 Transporter
  • 3450 Views
  • 1 replies
  • 0 Likes

syslog forwarding

I have  everything configured to send syslog information from the palo alto to one of our syslog server. My issue is that none of the security policy IP ranges allows me to send the syslog information for a specific IP address that is going out to th

...

jdprovine by L4 Transporter
  • 7092 Views
  • 14 replies
  • 0 Likes

Many users receiving Captive Portal

Dears,

We have been facing a lot of users identified by Captive Portal and not via UIA.

Does anyone could suggest any troubleshooting/best practices to avoid this kind of behavior ?

Thanks in advance!!

Resolved! Vulnerability assessment question

We're having a vulnerability assessment done, and want to make sure that the IDS/IPS part doesn't disable all attempts from the vendors IP addresses, just the application blocking/service blocking.

Can I whitelist the 4 IP addresses and put them in a

...

rivkin by L1 Bithead
  • 7461 Views
  • 12 replies
  • 0 Likes

Resolved! user Id issue with active- active HA

Hello Friends,

we have 2 firewall active-active HA mode. same LDAP configuration on both firewall. HA Active primary it working fine but secondary is not working. if primary goes down secondary work as a active, its also working fine. but it will not

...

Satish by L4 Transporter
  • 7040 Views
  • 4 replies
  • 0 Likes

Layer 3 switch behind Layer 3 PA-3020 interface

So I'm new to my PA-3020 and trying to get beyond my basic config has introduced a new problem for me.

I have a Layer 3 Cisco connected to my PA eth 1/2 via a routed interface on the switch.  My traffic is all working fine now, but I want to make some

...

GCA by L1 Bithead
  • 4442 Views
  • 4 replies
  • 0 Likes

Poodle Bits Vulnerability

Looking for some guidance on this. I am seeing a lot of Poodle Bits vulnerability showing up on our threat monitor. Digging into the threat, the first item is always showing our current router (192.168.0.1) followed by two different attacker host fro

...

jharlow by L3 Networker
  • 2579 Views
  • 3 replies
  • 0 Likes

Resolved! DNS top applications?

I recently installed a PA-500 on our network. Currently it is in virtual mode as I start to understand how to configure the device.  One of the things I have noticed is that consistently, DNS is the number 1 application. Second is web-browsing.  Just

...

jharlow by L3 Networker
  • 5479 Views
  • 2 replies
  • 1 Likes

GUI Bug: Dynamic Source NAT

Hi All,

Looks like there is a minor GUI bug in the NAT policy section of Panorama.  Do you all see the same thing?

Objects:

NameAddressEXT_FW_192.168.0.1192.168.0.1/24EXT_FW_5.5.5.15.5.5.1/24EXT_FW_10.0.0.110.0.0.1/24

NAT Rule:

Translated Packet

Type = Dyn

...

  • 24203 Posts
  • 117 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks