This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Configure Certificate Based Authentication for IKE: ISSUE Cert

Hi all,I config IPSec betwen two PA device: 1 PA5020 and 1 PAI config as guide: How to Configure Certificate Based Authentication for IKE on PAN-OS 6.0I generate CA on PA 5020 and import to PA 200But on PA 200 i can't sign new Cert with the imported CA certificate.I try generate all cert on PA 5020 ( root CA & signed CA) and import to PA 20...

dat.tran by L2 Linker
  • 7373 Views
  • 6 replies
  • 0 Likes

can we get the lost pre-shared key ?

Hi ,i have a palo alto firewall, i have been asked to put together the pre-shared keys for our VPN peers.i am not able to locate the key for some tunnels, is there any way i can recover the key from my config ?Regards,~Harry

Harshit by L3 Networker
  • 8787 Views
  • 2 replies
  • 0 Likes

Suspicious DNS Query

Hi All -Looking through my threat monitor and I am seeing a lot of Suspicious DNS Query entries in there. I have two internal DNS servers, and the entries are for both of them -- the drop-all-packets action is being taken, so it's good the PA is stopping them. If I had to take a guess, 90% of the entries in my entire threat monitor are the Sus...

Resolved! GP Error "Server certificate verification failed"

Dear communityAfter updating GP to version 2.1.0 I get the message "Server certificate verification failed" when trying to connect.The same connection with GP version 2.0.4 works fine. The reason for updating is OSX 10.10 Yosemite.I can't see any errors on the box or the client. Does anybody have an idea?Box is a PA-2050 running PanOS 5.0.12The ...

Resolved! Clear the threat pcap database

Hey all,Is there a way to clear the threat pcap database?We are running PanOS 5.0.x so the pcaps are not automatically overwritten, and we get the message saying our daily packet capture limit has been reached.We have turned off pcaps on the security profiles, so no new pcaps are being taken, but the database remains full...I know you can clear ...

mr.linus by L4 Transporter
  • 5927 Views
  • 3 replies
  • 0 Likes

Basic GlobalProtect Walkthrough

Hello,New customer here, currently working my way though configuring the various parts of the firewall...At the moment, I'm working on User VPN, and I'm finding it difficult to find clear step-by-step documentation. I did manage to make an SSL vpn connection earlier today, but the only traffic I see on the firewall is DNS and a few LDAP connecti...

Skype manager custom application

Hello,I'm actually blocking skype application but I would like to allow skype manager web site (https://manager.skype.com/).The web site manager.skype.com is blocked because recognized as skype application.The idea is to build a application that allow skype with hostname https://manager.skype.com/ The custom app I created is here below but it do...

Dropbox uploading

For dropbox on the web. I need to block uploading, this works with chrome, ie. but with firefox if i create a File-Blocking policy with the following. Firefox will not stop the dropbox upload. IE and Chrome will. Any application upload blockapplication web-browsing upload continueIf I remove web-browsing application from the policy object the...

markk96 by L3 Networker
  • 3616 Views
  • 4 replies
  • 0 Likes

Terminal Server Agent

Is there anyway to import a list of Terminal Server Agents installed to the firewall?I have about 250 Terminal servers.

markk96 by L3 Networker
  • 4673 Views
  • 4 replies
  • 0 Likes

Resolved! CLI listing of all Security Policies

We are trying to reduce our unused Security Policies. We created a custom report to show Security policies run in the past 30 days.I would like a listing of all Security Policies and then remove the Policies that have not been run in 30 days. I am trying to figure a CLI command to list all security Policies. The custom report only shows polic...

Jshively1 by Not applicable
  • 10024 Views
  • 5 replies
  • 0 Likes

PAN failover causes Cisco issues

Hi Guys,Has anyone seen the PAN causing an issue with Cisco ASAs when doing a failover? I don't have much details yet but wanted to see if anyone has seen this or something similar.Thank you in advance.

x by L1 Bithead
  • 6283 Views
  • 7 replies
  • 0 Likes

security policies: application vs service

how are application and service treated in a given policy?multiple apps in a policy?multiple services in a policy?apps and services in a policy?how are the different scenarios and'ed or or'ed?ThanksDavid

Can I make custom application from MIME type?

Hello,I want to make custom application(or vulnerability) from MIME type.EXE of MIME Type is 'application/x-msdownload'So I made two customer applications as the following patterns.1. application/x\-msdownload2. \x61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 6d 73 64 6f 77 6e 6c 6f 61 64\xBut FW detected these custom applications which are tried to...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks