This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

Is it possible and OK to disable user cert caching?

After revoking a cert being for GP, the device is still able to connect. I found that it is cached somehow. So is it possible and OK to disable the caching of user certs for authentication?> show system setting ssl-decrypt settingvsys : vsys1Forward Proxy Ready : yesInbound Proxy Ready : yesDisable...

zac_hg by L1 Bithead
  • 6002 Views
  • 4 replies
  • 0 Likes

Resolved! Contact a Sales Engineer

During last night's trouble call the technician mentioned something like 'you have access to a sales (or service) engineer, and we'll have him contact you. It's part of your contract.'Wonderful. Who is this person and how can I find him? Searched on the site but no obvious links titled 'contact your SE'.Thanks,~brian

bdunbar by L3 Networker
  • 3955 Views
  • 3 replies
  • 0 Likes

packet based attack

Hi,Will Choosing all options cause a false positive ?(especially IP option boxes)And how can we see these drops ?Unable to See the Threat Logs for Packet Based AttackThanks

PanIst by L3 Networker
  • 2100 Views
  • 1 replies
  • 0 Likes

Cannot add zone to security rule from panorama

Hello there:I'm new to palo alto through Panorama, so please excuse me if this is a silly issue. I created a template and a device group (without devices in it yet) and started to create everything else (addresses, groups, users, nats, sec policies, etc.). When I try to add a security policy and trying to select one of the already created zones,...

Malware site and response page - problem

HelloSome time ago I created url-filtering profile:Today I found in wildfire report that someone try to download something from malware site, so I try to check is my configuration works as expected.First of all I checked is it still a malware site:admin@PA-200> test url sunrisebrowse.netsunrisebrowse.net malware-sites (Base db) (I'm using Bri...

_slv_ by L4 Transporter
  • 5400 Views
  • 6 replies
  • 0 Likes

QoS Statistics with external tool

Hello,QoS statistics is an excellent tool to check the realtime bandwidth divided by assigned classes.It's possible using of external monitoring tools (Ex. Nagios, Cacti, PandoraFMS, ), to obtain the same graph to have an history of bandwidth divided by class?

netmind by L0 Member
  • 2842 Views
  • 1 replies
  • 0 Likes

Threat ID 1270062

Is anyone else getting these from their reports? Virus/Win32.WGeneric.duznb(1270062) I am wondering if it is false positive - the threat ID database is unable to pull any analysis on it. Please let me know!!! Thank you!!

KMason by Not applicable
  • 3066 Views
  • 3 replies
  • 0 Likes

Resolved! Use proxy only on certain URL's

Hi,I wanted to know if this was possible? We currently have an issue with 1 of our online services and it turns out to be a routing issue between Virgin and BT. The server seems to create 2 connections and when it is one the first connection it is fine, but the 2nd connection just grinds uploads to a snails pace. We found that if we proxy throug...

JRussell by L3 Networker
  • 5881 Views
  • 4 replies
  • 0 Likes

Resolved! Emergency FTP on a Friday Night

PAN-200PAN OS 6.So there are, standing up an FTP server for client use. Got it configured, and tweaked, and secure. Planned to figure out how to open up the firewall next week.After hours. Manager called. I'm on a conference call. Have some client data to move. The old (hosted) ftp server is slow. The new one is fast! How about it ..I l...

bdunbar by L3 Networker
  • 3453 Views
  • 2 replies
  • 0 Likes

Resolved! Latest content updates failing?

Anyone else seeing this one?On both my firewall installations (2020 HA pair and 3020 standalone), the last two content updates (the failed one 473 and the replacement 474) are failing to complete, according to the job log, vis-a-visYet the relevant content update shows as "installed" in the dynamic updates page.Is anyone else seeing this? Or am ...

darren_g by L4 Transporter
  • 5565 Views
  • 4 replies
  • 0 Likes

Resolved! PA-200 Initial Configuration from console only

Trying initial setup of PA-200 using console connection (public on ethernet 1/1, no mgmt connected). I know I have to remove virtual wire, but having validation error below. Any suggestions ?delete network interface ethernet 1/1 virtual-wiredelete network interface ethernet 1/2 virtual-wiredelete network virtual-wire default-vwiredelete network ...

niuk by L3 Networker
  • 3604 Views
  • 2 replies
  • 0 Likes

Resolved! Using a large destination-domain blacklist

Hello,I am considering the use of a domain name blacklist published by the DNS-BH project in a custom URL category that will block access to any of the included domains. However, the list is over 12K entries long, which obviously doubles when I add an additional wildcard entry for each. So, i have a few questions. First, does it make sense to...

schaleg by Not applicable
  • 3220 Views
  • 2 replies
  • 1 Likes

Resolved! Globalprotect Mobile - no cert found

I've seen post like Re: IOS Global Protect APP - Required Client Certificate is not found but the fix was to manually import certificate to phone..How do I make my GP on droid to auto-download cert and connect ? I have same problem on Windows PC , manual cert import make the client working

niuk by L3 Networker
  • 5495 Views
  • 3 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks