This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4234 Views
  • 0 replies
  • 0 Likes

PAN-VM HA Link Group Monitoring Issue

Hi,I have a pair of PAN-VM in active/passive mode and configured link group monitoring with four member ports and when I disconnect one of the ports from vSphere the failover happens quickly and marks the node as "non-functional (Link down)" but when I connect back the port the status does not change and failback not happening unless I remove th...

Question on QOS

QOS is something I am looking to start using for a few things but I just had a couple of questions about it.So firstly, I can set a QOS rule and assign a class. I know I can create profiles on the class, but lets just say I use the default classes that are setup. If I create a rule saying that a particular range of IP's going through my internet...

JRussell by L3 Networker
  • 6512 Views
  • 9 replies
  • 0 Likes

Captive Portal; User loosing internet access

Hello,A user is complaining that he is losing internet access randomly through the day. After he refresh the web browser a couple of times or logs off he is able to access the web. The error he gets is a generic IE 10 error, "This page can't be displayed" etc... When I looked at the firewall, Logs -> Traffic, I notice under the "Source User"...

Global Protect + LDAP + Cert Auth = Auth Fail AND Auth Success

Is anyone else running this setup...Global Protect VPN(iPads specifically) using LDAP(Active Directory) AND client certificate for authentication....if you are, have you noticed in the System logs, when a user authenticates to Global Protect the PA logs one or two Auth Fails followed by an Auth Success?Our users are not noticing anything on thei...

jambulo by L4 Transporter
  • 3364 Views
  • 3 replies
  • 0 Likes

Resolved! SMTP long MAIL anomaly Vulnerability(30392)

The description says "This signature detects an anomaly in SMTP protocol. It would trigger when anoverlong mail command argument is passed to MAIL command."Can anyone elaborate on this definition or know where I can access more detailed information about this threat ID?Thanks !!!!!

Resolved! IPSec-ESP No matching record

The last few weeks I have noticed a large amount of traffic on the Network Monitor coming from IPSec-ESP. I moved several VPN tunnels off our old WatchGuard to our Palo Alto PA-3020 around the time this started. When I click on the application itself to filter it I see that it cannot identify anything about the traffic. Is this normal? Shoul...

ClintL by L2 Linker
  • 11260 Views
  • 15 replies
  • 0 Likes

Encrypted Traffic over the Palo Alto

We have site to site VPN (both side PA) in our network, I want to send some encrypted traffic over the tunnel , How the palo alto will decide the encrypted traffic not to be scanned (threats) and filtering rule also not applied for the those traffic. Please suggest.

tiwara by L3 Networker
  • 5800 Views
  • 4 replies
  • 0 Likes

Fan RPM defaults for a 3020

I recently purchased a PA-3020 and just fired it up for the first time. The first thing I have noticed is how loud this device is. It is almost deafening and can be heard in the hallways behind a door in my server room. Is this typical behavior? I check the fan RPM speeds and all four are registering around 14k. I called support but they st...

rayb by Not applicable
  • 3915 Views
  • 2 replies
  • 0 Likes

Dual ISP

My main PA is configured for dual ISP's and I am going to put third party certs for my global protect clients. Do I put two certs on? One for each ISP?

infotech by L4 Transporter
  • 8179 Views
  • 17 replies
  • 0 Likes

Resolved! Help With Custom Datafield or Vulnerability

I have a Snort rule for a specific network activity I wish to either block or alert on. I would like to translate this into a PAN. Would it be best to do a data field or a vulnerability?alert tcp any any -> any any (content:"|6E|"; depth: 1; content:"|36 36 36 58 36 36 36|"; offset: 3; depth: 7; msg: "Beacon C2"; sid: 1000000001; rev:0)

SDorsey by L4 Transporter
  • 3541 Views
  • 5 replies
  • 0 Likes

Use VM-100 With Could Provider - MAC Issues

We are trying to set up a VM-100 as the entry point to a virtual data center. We have run into an issue with the MAC addresses on the VM device not matching the MAC addresses on the Palo interfaces. We appear to be stuck at this point. Apparently it is not possible to change the MAC addresses inside the Palo. We approached the cloud provider abo...

khansen by Not applicable
  • 4006 Views
  • 4 replies
  • 0 Likes

API test url category

I want to use the API to query URL (Brightcloud) categorisation. This is the command in the CLI:pan1(active)> test url theguardian.comtheguardian.com news-and-media (Base db)running the same check via the API browser:https://x.x.x.x/api/?REST_API_TOKEN=250290343&type=op&cmd=<test><url>theguardian.com</url></test&...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks