This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4442 Views
  • 0 replies
  • 0 Likes

Identifying unknown-tcp in Monitor tab

Hello,We have a PA-3020 running 6.0.3. Basically we have iSCSI replication set up between two sites. When I pull up the traffic in the Monitor tab I see the picture below. Even though iSCSI traffic is defined in the Applications section I tried creating another app to identify it but still see the "unknown-tcp" traffic show up. Is there some...

ClintL by L2 Linker
  • 9714 Views
  • 13 replies
  • 0 Likes

Resolved! Netflix and HTTPS

I am curious what the general take of the recent Netflix announcement is with regard to our ability to control the traffic. Announcement here . I have an opinion as to whether it is necessary, but that is another subject altogether.It is clear there is only so much application ID that can occur if the data is encrypted, but can it be combined w...

BobW by L4 Transporter
  • 9098 Views
  • 5 replies
  • 0 Likes

Resolved! User-ID Agent „established a connection to suspicious IP ...“

Hi everybody,does everyone have this situation on your PA-FW on the ports 137, 139 and 445 with country's: CN, US, MY, IN ...We have a lot of outgoing traffic with this situation and find out, that the PaloAlto "User-ID Agent" is the causer.A lot of the external (outside) addresses are in case of "WebBot" - very curiosity.

What on base are showed for "show all signatures" of exception menu in vulnerability?

Hello,I have a question.What on base are showed for "show all signatures" of exception menu in vulnerability?I knew installed threat version in FW show.But I guest it is not fact. Look at the following images.The above FW does not have threat signatures.All vulnerability signatures show me. Are hese signatures not real?Thanks,KC Lee

Captive Portal login page not prompted for IE6 browsers

Hi there everyone,Has anyone experienced any issue getting the captive portal login page to be prompted for old Windows machines running Internet Explorer 6? I have a customer whose environment is currently using IE6 and a PAN firewall running PAN OS 5.0.6 and the captive portal page isn't being prompted for these machines. Or is there a browser...

mytechpa by L0 Member
  • 3604 Views
  • 2 replies
  • 0 Likes

Qos statitics question

Hi,The above screenshot I took from the Qos rules under Qos Statistics .The Name field (first column ) is empty . What does it mean .?Thanks

sib2017 by L4 Transporter
  • 2625 Views
  • 3 replies
  • 0 Likes

Resolved! Application Blocking

Dear PAN Discussion Forum,I come to you in dire need of assistance. There is a battle going on within my network realm. A battle that we are losing. Some of my people have been mislead by downloading the Torch Browser application, and are now infected!The Torch Browser. Sucks in my users with an edgy-cool looking website that shows its fun to us...

Rags by L2 Linker
  • 11994 Views
  • 6 replies
  • 1 Likes

Resolved! Blocking Facebook for a group of USERS

Hello To All,We've a PA-500 which is linked to the AD. The idea is to block Facebook for a group of users.The thing is when those users will be logged (login and password), the AD update the PA-500.To block facebook for those users, What should be done?-1- Create a group of users-2- Create a Policy which include those users and a Deny rule for f...

Android VPN Split Tunneling

Hi, I have problems with Splti tuneling and Android devices using preinstalled VPN Android client. There is a workaround to solve it ? Regards, Jorge Goya.

IAC_SIC by L1 Bithead
  • 3846 Views
  • 2 replies
  • 0 Likes

Resolved! Upgrade cluste A/P and panorama

Hi, we have to upgrade a cluster active/passive and a panorama of this cluster. which are the steps to do these upgrades???1)upgrade the cluster like usual and then upgrade Panorama???2) first update the Panorama and then the cluster????advices...thanksRegards,

SOC_CSG by L4 Transporter
  • 3151 Views
  • 1 replies
  • 0 Likes

Resolved! PaloAlto firewall is sending system alert

Dear All,PaloAlto firewall is sending system alert saying "PAN-DB url filtering has expired" . But the i am using only "Bright cloud" url filtering license.Please suggest.RegardsSatish

Satish by L4 Transporter
  • 3830 Views
  • 2 replies
  • 0 Likes

Upgrade 5.0 to 6.1

Firewall device has two disk partitions:Partition 1 => 5.0.XPartition 2 => 5.0.Y (current active version)When you install now 6.0.X, it will overwrite 5.0.XSo after reboot Partition 1 will be active. Then you install the next update to 6.1.X, this will overwrite Partition 2.Partition 1 => 6.0.XPartition 2 => 6.1.X (active version aft...

Anon1 by L4 Transporter
  • 1988 Views
  • 1 replies
  • 0 Likes

Configuring Prelogon for GlobalProtect

I'm having a heck of a time getting prelogon working for global protect. I have spoke with both Palo Alto support, as well as a vendor that is a Palo Alto partner. Neither were really able to answer my questions.Here is what I have today. Two Palo Alto 3020's. One is on the west coast, and one on the east coast. I have the portal license on...

TheHuth by Not applicable
  • 8661 Views
  • 11 replies
  • 0 Likes

Change HA from A/A to A/P - techniques and known issues?

I have two PA-500's in Active/Active.We do not need to have them in A/A (in hindsight, it was a mistake) because we do not use asynchronous routing or meet the other typical A/A criteria. I think we are paying for that mistake, as you'll read below.When running software 6.0.5 I implemented a site-to-site VPN through which I ran a client-server a...

Resolved! User-ID for DNS

We have a server that has no body logged into it and all the DNS traffic from that server is showing as a certain user sending the traffic. Is there anyway to exclude this server from User-ID or another way to remove the user from this traffic?

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks