This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

FTP session logged as 2 TCP sessions

Hello.I have a problem with the way PA handles FTP sessions. I have a general rule which allows privileged user groups to have full access to a certain network. So application and service in this rule is 'any'. One of the applications users will be using is FTP. When I look at traffic logs i see 2 TCP session for each use of FTP application. Let...

santonic by L6 Presenter
  • 12928 Views
  • 19 replies
  • 0 Likes

Filter Security Policy by Profile column?

How do I filter the Security Policy to show only those rules that have a specified profile, or no profile, assigned? We have a large, ~560 rule rulebase. I need to be able to easily find rules that have a specific profiles assigned. Scrolling through the entire rulebase rule-by-rule is more than time consuming - it easily leads to missing what y...

Resolved! 6.0.5 h3 explanation

Hi allcould someone give an example about 6.0.5 h3 asymmetric bypass.When to enable that ?how that asymmetric trafic works with 6.0.5 but not with 6.0.5-h3 ? That is the thing I'm confused about.

PanIst by L3 Networker
  • 10402 Views
  • 10 replies
  • 1 Likes

Panorama commit procedure

heydoes anyone have a document that describes "step by step" the commit procedure of the panorama?just had a quick talk with support and apparently the commits from panorama are calculating directly to the running configuration

minow by L4 Transporter
  • 9167 Views
  • 6 replies
  • 0 Likes

User ID Agent

I have a problem where the user id Agent is reporting the wrong user to an IP. For example, user a is 10.1.1.5 and has id test1Sometimes user b with an id of test 2 shows up with 10.1.1.5 which is not accurate, if I do a show user Ip mapping it shows test 1 is mapped to 10.1.1.5 and test 2 is mapped to a 10.2.2.5.These are example IP's.What is h...

markk96 by L3 Networker
  • 6573 Views
  • 10 replies
  • 0 Likes

Resolved! not-resolved URL Category

We are seeing a large amount of url logs being categorized as 'not-resolved' at a rate of about 5500 per hour. After reviewing logs to compare it appears it started a few days previous. What is strange is a site will be categorized as 'not-resolved' but a second or two later it is properly categorized. For example: www.napaautopro.com category =...

lewis by L4 Transporter
  • 13306 Views
  • 13 replies
  • 1 Likes

NSS Labs Report - Mitigation for claimed vulnerabilities?

Seriously? | NSS LabsCould someone elaborate on the section which says:All PAN-OS devices require a configuration change to detect even the most basic TCP stream segmentation evasions. The “Mismatched overlapping TCP segment” protection in the Zone Protection profile is not enabled by default, which allows attackers to bypass the device complete...

Resolved! NAT Rules

Hello,I was wondering if anyone could explain the following scenario to me as I seem to have found a bug with NAT policies.On our PA-2050 v5.0.8 I have configure three zones: inside, dmz and outside, and a host in the DMZ. I created two NAT policies, one is static for the spam appliance (MX) and another is a catch-all for other servers in the DM...

MikeBull by L0 Member
  • 4547 Views
  • 4 replies
  • 1 Likes

Resolved! External Data Port Cabling

Halloi am setting up a new PA 3050 FW. I dont want to use the management port to connect to internet and download updates. So I am following the admin guide to "Set up an External Data Port" for updates. Now as per that:1. I set up a port, say e1/4 on PA 3050, as an internal port in "L3-Trust" Zone and give it a static IP address 192.168.35.100....

Resolved! Print policies/objects/rules

Hi,Is there any way to print the PA policies??? i would like to print the window with all policies NAT/security.... Its possible to do it or i would have to use "Print Screen" many times :''( thanks

SOC_CSG by L4 Transporter
  • 4654 Views
  • 5 replies
  • 0 Likes

Resolved! Unable to access PA-500 GUI "Creating Administrative Session"

Hello, Today, when i try to connect PA-500 user interface, after login, PA-500 WEB server shown (as usually) "Creating administrative session. Plase Wait..." for a while, and nothing happen. Chrome Browser shown "Page is not responding".I tried to login with other browsers, from other PCs - not result.I can access the CLI, i restarted web-server...

Resolved! url log without profile

Hi ,Why do we see url filtering logs although there is no any url profile ?logs related to denied app. like ultrasurf and hot-spot shield

Employee Privacy in the Global Enterprise - SANS Reading Room

For those of you with global Palo deployments, here's a paper to get you started on what you should know about employee privacy issues. This issue can be complex in countries outside of the U.S."Next Generation Firewalls and Employee Privacy in the Global Enterprise”http://www.sans.org/reading-room/whitepapers/legal/generation-firewalls-employe...

RyanF by L2 Linker
  • 2799 Views
  • 1 replies
  • 0 Likes
  • 24335 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks