This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Badbox malware

Hi, Our ISP keeps alerting us that we have a malware infection with something called android.badbox somewhere on our network but the source as they see it is our DNS server. They've provided the DNS query which they're seeing (for an A record) but we don't have the facility to log client queries on our DNS system. We've searched the paloalto thr...

Address Group and Tag limitations

The necessary firewall rules for each application are defined by labels. If a workstation needs access to it, the label is requested and assigned (XML-API), so each Workstation has its own set of firewall rules. I tried implementing this requirement using different approaches, but unfortunately, everything failed due to several limitations. Fir...

HeinzP by L1 Bithead
  • 2096 Views
  • 7 replies
  • 0 Likes

Palo Alto - Barracuda IPsec VPN problems

We've a IPsec-VPN IKEv2 between Palo Alto (10.0.7) and Barracuda (8.0.5-0341) with 10 IPsec tunnels, one VPN-tunnel per subnet-pair, on Palo side "proxy IDs".At least once every day, some of these ipsec-tunnels go down and can only be forced to come up again with manual "initiate" on Barracuda.The Palo Alto is set to passive.Normally, every 35 -...

ChrisCon by L2 Linker
  • 19196 Views
  • 13 replies
  • 0 Likes

Cortex - many aged-out connections on 35.244.133.254

Hello,We are experiencing a high number of aged-out connections from our Cortex agents and brokers on 35.244.133.254.When the connection is successful, the app-id traps-management-service is detected by our firewall.Do you also encounter this behavior?Thanks !

RezhoPsq by L0 Member
  • 937 Views
  • 2 replies
  • 0 Likes

how can we confirm if there is existing firewall rule or not in the policy by filtering by source and destination IP address and port numbers.

I can find existing firewall rule in the Firewall policy by searching by just source IP address or Just Destination IP address but our Firewall policy rule base is huge and i need to filter it by Source IP and destination IP address (both) and possibly by port number as well , (Just like Checkpoint). can someone kindly share screenshot of this, ...

Need help uninstalling Cortex XDR

Hi, I am looking to get help on uninstalling Cortex XDR from my personal machine. I have tried creating an account and opening a support ticket via https://support.paloaltonetworks.com/, however it just directs me to an error pageI do not have the uninstall password, and the online recommendations to try Password1 for cytool protect disable did ...

Issue with PA-445 Failover - Interface Reset

We just replaced our active-passive PA-850s with PA-445s and have run into an issue when we failover the firewalls. On failover, all the data-plane interfaces on the new active node go down for 20 seconds before coming back up. This is dropping every active connection through the firewall. We did not see this behavior on the PA-850s (failover...

Resolved! No app ID for for WinRM, port 5985?

I am trying to add WinRM to a allowed policy and I am not finding the app for it. Does PA call it something different? I was thinking there was a way to search the app db by port but nothing is coming up.

jeffm by L0 Member
  • 8185 Views
  • 4 replies
  • 0 Likes

Resolved! QoS profiles on Aggregate interfaces

In advance - thank you for your help.I am trying to create a QoS profile. Here is my scenario. I want to apply a QoS profile to a public IP I own to do one of two things. 1 Give it priority over other traffic OR (complete opposite) rate-limit traffic FROM this IP out of my Internet interface on my PA.What I am testing:Created a QoS Profile ca...

ZachSmith by Not applicable
  • 8554 Views
  • 7 replies
  • 0 Likes

Migrate PA-3260 cluster to 3420 (managed by panorama both)

Hi, i have to do this migration. So my steps will be: 1) Install the same version 11.1.x as the old cluster. 2) install licenses 3) add new cluster tu panorama 3) add the device group old cluster to the new one. 5) clone template old cluster to the new one cluster and check the possible interfaces/clusterHA-ID changes to the new cluster. IS th...

BigPalo by L4 Transporter
  • 1049 Views
  • 1 replies
  • 0 Likes

Requests from internal company DNS to Root-servers.net

Hi, i'm observing in the fw logs massive requests from company dns servers to root servers (53 udp).These servers are generally named *.root-servers.net.I know that our Dns are configured to interrogate our provider DNS.Do i need to allow communication to root servers? How to securely address the policy rule as i cannot allow all dns query (to a...

Active - Active firewall deployment across two data centers

Hi All, We are exploring the firewall deployment options for one of our customers who have a requirement to stretch few VLANs across 2 data centers most probably using VXLAN/EVPN. The options currently being explored are: 1. Active-Standby firewalls in each data center2. Active-Active firewall with one node in each data center Are there any de...

MGRashmi by L2 Linker
  • 6252 Views
  • 4 replies
  • 0 Likes

Resolved! Palo Alto PAN-PA-220 setup at Satellite Location

My company has a Satellite location with a different ISP. We are thinking about adding a Palo Alto PAN-PA-220 setup at the Satellite Location. Will this device be covered under our current Paloalto support coverage?

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks