This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Need to migrate checkpoint firewall config files to palo alto xml file.

Hi All,Kindly let me know the solution for the same....Stopped the services in checkpoint using cpstop command using CLI and and targeted the folder called upgrade_tools directoryRun the command called upgrade_export and named the new export file and output came with file called .tgz successfullyUnzipped the file called Upgrade31.export.tgz and ...

Krish by Not applicable
  • 4892 Views
  • 4 replies
  • 0 Likes

ike policy

What part of the configuration on the PA matching what is called the ike policy on the Cisco?

infotech by L4 Transporter
  • 9826 Views
  • 22 replies
  • 0 Likes

Custom Vulnerability Object to detect Failed WordPress Logins

I'm trying to stem the flood of wordpress brute force attacks coming into our network (we host a lot of WP sites). Detecting WP logins is relatively easy, by setting up a signature that looks for the regex wp\-login\.php in the http-req-uri-path context with the http-method = POST qualifier. I can now see all of the wp-login requests coming into...

Resolved! security-policy-match from the API

I'm trying to write a tool that will test security policy from a web portal. I cannot seem to get the command working properly, though. The URL I'm using on the firewall is this:https://host.local/api/?key=keyhere&type=op&cmd=<test><security-policy-match><source>192.168.2.1</source><destination>192.168.3.1&l...

txadmin by L0 Member
  • 4110 Views
  • 3 replies
  • 0 Likes

Resolved! Error when trying to restart management-server

My PA 2020 box has been a bit slow of late, and it also has failed on 2 commits so I thought I would drop onto CLI and do a debug software restart management-serveras this would usually pick things up when I have had the problem in the past.But when I do this command I get the following Process 'mgmtsrvr' executing RESTARTJul 31 12:06:35 Error: ...

JRussell by L3 Networker
  • 11723 Views
  • 4 replies
  • 0 Likes

Antivirus profile question, wildfire action?

Hello,Have a question about how to configure an antivirus profile. When try to define Decoders and actions can see a tab for "Wildfire Action" and that's where my confusion appear. what's the purpose of this tab? that implies that if I select block, all the files were be blocked? ? As far as I know wildfire is an "on the cloud" scanning system b...

Is it possible to enable url redirection in PaloAlto?

Hi All,Scenario: We have the web server for example.com in trust zone, Any person can access it by anywhere due to destination NAT in firewall with public IP for example.com.Problem : As we don't have internal DNS server which resolves the example.com, due to this all the request from LAN to example.com is going to internet(public DNS) and comi...

Gururaj by L4 Transporter
  • 11456 Views
  • 5 replies
  • 0 Likes

Wildfire -> DNS Signatures -> PAN-DB

Does anyone know the flow that the PANW Firewall goes through to update the DNS Signature data? Does Wildfire detection feed the DNS Signatures and then PAN-DB categorizes the URL as Malware?Thanks,Jeff

jwolach by L4 Transporter
  • 3141 Views
  • 3 replies
  • 0 Likes

Resolved! DRAM | Platform specification

Hi all, Based on documentation on this topics >> Platform Specifications Are there anyway to show DRAM (such as PA-5060 is 29 GB) on CLI? Best Regards,

My palot blocks the access to internet

hello Paul I was placing the 200 pa for a client in transparent mode. positions of lan n 'happens more to go on the net. Here the architecture of the network before. (lan) ==> (ISA) ==> Internet RAS -------------------------------------------------- ---------------- after (lan) ==> (PA 200) ===> (ISA) ==> Internet more over intern...

camagate by L1 Bithead
  • 2503 Views
  • 2 replies
  • 0 Likes

Having trouble granting access for an application

Hi!One of our customers have RDP access to a server, works like a charm. And now I was about to grant access to an application using port 4850 and 4851, but it would seem that this wouldn't be that simple.I've attached the NAT of the working RDP, and the non-working OPC application:(I've also added the newly created application to the existing S...

Resolved! vsys and subinterfaces

HiI have an aggregate interface with a subinterface assigned to vsys1. Is it possible for another subinterface of the same aggregate to be assigned to a different vsys?i.e.ae1.10 (vlan tag 10), layer 3 type, assigned to vsys1ae1.20 (vlan tab 20), layer 3 type, assigned to vsys2CheersSteve

SteveMc by L1 Bithead
  • 6752 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks