This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4240 Views
  • 0 replies
  • 0 Likes

NSS Labs Report - Mitigation for claimed vulnerabilities?

Seriously? | NSS LabsCould someone elaborate on the section which says:All PAN-OS devices require a configuration change to detect even the most basic TCP stream segmentation evasions. The “Mismatched overlapping TCP segment” protection in the Zone Protection profile is not enabled by default, which allows attackers to bypass the device complete...

Resolved! NAT Rules

Hello,I was wondering if anyone could explain the following scenario to me as I seem to have found a bug with NAT policies.On our PA-2050 v5.0.8 I have configure three zones: inside, dmz and outside, and a host in the DMZ. I created two NAT policies, one is static for the spam appliance (MX) and another is a catch-all for other servers in the DM...

MikeBull by L0 Member
  • 4681 Views
  • 4 replies
  • 1 Likes

Resolved! External Data Port Cabling

Halloi am setting up a new PA 3050 FW. I dont want to use the management port to connect to internet and download updates. So I am following the admin guide to "Set up an External Data Port" for updates. Now as per that:1. I set up a port, say e1/4 on PA 3050, as an internal port in "L3-Trust" Zone and give it a static IP address 192.168.35.100....

Resolved! Print policies/objects/rules

Hi,Is there any way to print the PA policies??? i would like to print the window with all policies NAT/security.... Its possible to do it or i would have to use "Print Screen" many times :''( thanks

SOC_CSG by L4 Transporter
  • 4734 Views
  • 5 replies
  • 0 Likes

Resolved! Unable to access PA-500 GUI "Creating Administrative Session"

Hello, Today, when i try to connect PA-500 user interface, after login, PA-500 WEB server shown (as usually) "Creating administrative session. Plase Wait..." for a while, and nothing happen. Chrome Browser shown "Page is not responding".I tried to login with other browsers, from other PCs - not result.I can access the CLI, i restarted web-server...

Resolved! url log without profile

Hi ,Why do we see url filtering logs although there is no any url profile ?logs related to denied app. like ultrasurf and hot-spot shield

Employee Privacy in the Global Enterprise - SANS Reading Room

For those of you with global Palo deployments, here's a paper to get you started on what you should know about employee privacy issues. This issue can be complex in countries outside of the U.S."Next Generation Firewalls and Employee Privacy in the Global Enterprise”http://www.sans.org/reading-room/whitepapers/legal/generation-firewalls-employe...

RyanF by L2 Linker
  • 2824 Views
  • 1 replies
  • 0 Likes

Resolved! Possible Issues with 6.0.5-h3

Has anyone discovered any issues with H3? I have an odd issue and am not sure if it has to do with the layer 4 changes in the hotfix to address the evasion issues.I have upgraded 3 client sites. No issues at 2 of the sites. On the third side, I have an issue. This client has a public web site in a DMZ. The ACL allows it to be directly accessed b...

SDorsey by L4 Transporter
  • 8438 Views
  • 7 replies
  • 0 Likes

Extended SSO Support for GlobalProtect Agents

Hi,GP 2.1.0 is now released with the extended SSO support: With Single Sign-On (SSO), the GlobalProtect agent wraps the user’s Windows login credentials to automatically authenticate and connect to the GlobalProtect portal and gateway. SSO has been enhanced in this release to so that when a third-party credential provider is being used to wrap t...

Hithead by L4 Transporter
  • 4438 Views
  • 5 replies
  • 0 Likes

Resolved! WAN interface connectivity loss logged anywhere?

Do the PaloAlto's have any functionality to monitor a wan link or tunnel and create a log entry if the link is down or there is significant packet loss? I am able to see these things through external monitoring tools but it would be nice to have a system log entry or something on the PANs as well.

bgirdner by L2 Linker
  • 7788 Views
  • 5 replies
  • 0 Likes

FTP Data - Handshake is not estabilished

Hello,we are struggling with this problem.There is a FTP Client and an FTP Server. Both on different sites. Between them is a VPN Tunnel build with PA 3020 and PA 5020.FTP is working - but sometimes not!!!!!We found the reason for this: This is what I can see at client's siteControlchannel (21) is UPClient asks "STOR myfile.txt"Datachannel Hands...

rkra by L2 Linker
  • 5670 Views
  • 4 replies
  • 0 Likes

Resolved! Legit Suspicious DNS Query?

Since 2013/12/26 I have been seeing a large number of Suspicious DNS Queries (generic: xml12es.farolatino.com), threatid 4011926. After researching the computers that are getting this, they all seem to be going to Microsoft sites prior to this query. From what I have read this seams to be coming from Microsoft Media Player. They use this site...

rgreens by L2 Linker
  • 10452 Views
  • 7 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks