This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Antivirus-1470-1943

Our 3020 PA got updated with new AV definition this morning. Since then it is marking all Flash as Virus/Win32.generic and dropping it for all users. But we are not getting any complains from end users. We tried some sites with flash content and had no problem playing flash video. It appears the firewall is not really denying it, but logs it as...

awarsame by L1 Bithead
  • 5821 Views
  • 9 replies
  • 2 Likes

CVE-2015-0310

Model# of the device: PA-5020 Serial# of the device: 0011C103358 Current PANOS version: 5.0.4 Customer requires information that whether CVE-2015-0310 will have an impact on the PANOS version or not and if yes then is there any patch available?An exploit for CVE-2015-0310 exists in the wild, which is being used in attacks against older version...

tac.in by L3 Networker
  • 3405 Views
  • 5 replies
  • 0 Likes

DNS Spyware Vulnerabilities - Why aren't the FQDNs in Malware Category?

Today I switched on the "strict" Spyware anti-spyware policy on my outbound Domain Controller DNS policy - I'm seeing a lot (I mean a lot) of requests blocked for things like advertising networks.Here are 3 DNS queries that were blocked, and they're indicative as I've picked them at random:d.audienceiq.comd.p-td.comp.adsymptotic.comThose flag as...

Resolved! PA sending TCP RST

Hey folks,I've run into a following issue. We have a Juniper MAG box communicating with a web server and a rule in place allowing this communication (source Juniper, destination any production IP, on any port). I can also see in the traffic log that the communication is accepted. However when I did a packet capture on the FW I saw the following:...

URL Logging - Best Practises?

What's the recommendation on the best way to configure a Palo Alto to log URLs visited during regular browsing?We have various categories set to block which are of course logged but I've never quite got my head around the logic of setting something to "alert" when actually I don't want to see it in the URL logs, but I do want it logged - if that...

6.1.1 performance issues?

Has anyone encountered any throughput issues with 6.1.1? I have NOT had any issues until Friday.Installed a PAN200 in vwire mode for a client eval / AVR. Their throughput to the internet was 44mbps before PAN. Through the PAN, it as cut down to 8mbps. Removed PAN and it went back up to 44mbps. With other PAN200s on 6.1.1, I am getting 50+ on the...

SDorsey by L4 Transporter
  • 3741 Views
  • 3 replies
  • 0 Likes

Is User-ID Agent Appv5 compatibility with PAN-OS V6?

We have a new PA-3020 running on version 6 and I'm using our old Windows User-ID agent running on version 5 that are currently operational in our environment. I've configured PA-3020 to connect with the User-ID agent but I'm having an authentication issuePAN-3020> show user user-id-agent state allAgent: ad-agent(vsys: vsys1) Host: 10.2.2.2 (1...

Global Protect Gateway License

Just a question about Global Protect Gateway License. Currently we're planning to deploy PA-5050 for our Data Center Infrastructure. Is Global Protect Gateway License is a requirement? For what I've understand, this is only a requirement if you're going to use remote access or SSL VPN but since this is only for our internal security and no remot...

Resolved! XML reports in Email Scheduler?

I know you can export a report as an XML manually but when you create an Email Scheduled report I don't see any options.Are emailed reports only in PDF or is there an option somewhere to select this?Thanks!

Dz3015 by L4 Transporter
  • 2530 Views
  • 1 replies
  • 0 Likes

PAN2050 data stops when global protect client downloaded

Has anyone seen this issue? We have had this issue for months with no relief and am at my wits end. Forgive me if my frustration comes through......what happens is this:A remote user will login to VPN web page and click the link to download the GP client then..... *poof*! All traffic in every direction stops. ALL the PAN layer 3 interfaces stop ...

OSPF over VPN

Hello,is it necessary to use Numbered Tunnel-IP confuguration when running OSPF over a VPN line?Roman

rkra by L2 Linker
  • 2658 Views
  • 2 replies
  • 0 Likes

Resolved! show config running output

on a local firewall, the output of the show config running output has some encrypted data that does not seem to be a certificate. No --begin certificate-- or --end certificate-- .Does anyone know what this encrypted data is? I thought it might be the licenses installed.

Monitoring A/A HA status and session sync

How have folks setup automated monitoring of HA status and session sync?We see HA instability on a 5060 A/A cluster during periods of high load. The boxes get too busy to respond to HA messages, lose heartbeat, and start to think the links have failed. Normally, they recover automatically when the load decreases. But this weekend, we had a cas...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks