General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

Tentative firewall ssl traffic issue

We are doing linking monitoring and are failing over the firewall if the inside interface goes down. The tentative firewall is sending unencrypted traffic like http and pings dns etc over HA3 to the the peer and that traffic is processing fine but it does not send the encrypted traffic like ssl and ssh to the peer over HA3 and it trying to proce...

Resolved! PA5020 and Proxy Server

I have a PA5020 and am using a proxy server to filter internet traffic. In the traffic monitor all the traffic I see going to the web is from the proxy server. I turned this feature on on the firewall. Enabling support for the X-Forwarded-For HTTP header. After enabling this feature I didn't see any difference in the monitor section of the ...

User-ID agent connects and disconnects in seconds...

Hey Guys,Can someone please explain why the User-ID connects and disconnects immediately. I can see this happening under the system logs thereby this does not populate the source users under the traffic and url logs.I tried looking up the knowledge base to understand this issue but was unsuccessful. I then even went through the whole process o...

Wildfire Alert - Malicious status but benign detail

Has anyone else seen this before? A Wildfire verdict is coming back as 'malware\malicious', but the detail shows benign.I am assuming that the 'missing' second VM maybe malicious in status, so it may be more a case of this analysis being missing in the UI.

Resolved! commit Issues

whene i try to do commit i reciver this message""""""""""""Management server failed to send phase 1 to client dhcpdManagement server failed to send phase 1 abort to client dhcpdManagement server failed to send phase 1 abort to client sslvpnManagement server failed to send phase 1 abort to client satdManagement server failed to send phase 1 abort...

Are there any sign indicating lost internet connection in GP 1.2.9

I need to know if there is any way to show the GP status as disconnected or reconnecting status when we have intermittent internet connections. Because, I have some issues with my customers when the internet connection is intermittent. The GP client appears as connected and the user tries to access the network resources but it is not possible be...

Proxy ID

How can you tell what proxy ID's need to be configured on a PA that has VPN tunnels to a Cisco ASA 5505?

panorama: Do not see data report from scheduler.

Hi All,I configure a report from panorama and set schedule for sending result to my email.I have receive email from panorama via two file : a .dat file with key code inside, and a .pdf file with no data.I do not know whyPlease help me

How to move licensing and SN of Panorama from one VMWare environment to another

Hi GuysI need some help/thoughts on how to do the following:I have 5 Panorama servers that are virtual in Montreal.I need to move them ffrom Montreal to a different VMWare environment in ChicagoI need to know if there are any problems with doing such a thing.Is there a document that can be found to do this.I am concerned about a different CPUID/...

URL filtering profile

For particular traffic, session created and security rules hitsBut URL filtering profile blocks the traffic....when allow the unknown in URL filtering profile -traffics are allowed.In Logs: Packet categorized as Unknown udp...This traffic is Tally ERP 9.0 from client-server.Can i create custom app-id? with pattern or not?..so that the particular...

Resolved! Configure NAT Policy for Exchange Server

We are brand new to Palo Alto and are configuring our first device, a PA-3020. We've been trying to configure a NAT policy that will direct inbound email to our Exchange server. Outbound email seems to work fine. Inbound email doesn't seem to be even hitting the firewall since there are no log entries. We have a Sonicwall firewall in place now a...

Resolved! What is a QoS Clear Text Node?

In the QoS Capacity by PAN model document: https://live.paloaltonetworks.com/docs/DOC-1231Could someone explain what a clear text node is?

Panorama Threat Log doesn't display Custom Vulnerability Name

I have a Custom Vulnerability (41000) with the name "NXDOMAIN Response". The name displays correctly in the Name Column when viewing the Local firewall Threat Log. However, when looking at the consolidated Panorama Threat Log, the name appears as 41000. Does anyone know if this is a bug in Panorama or is it supposed to do this?Thanks,Jeff

Route outgoing gmail application received on specific internal interface out different Public IP

I'm trying to figure out the best and easiest way to route all gmail application (gmail-base and gmail-enterprise primarily) that enters on an internal port from one network and send it out using a separate pubic IP we have. Currently all internet based outbound traffic goes out a using a single IP and we are having an issue with that IP getting...

Resolved! SSL Decryption Firefox issue

I am testing SSL Decryption and have setup the certs. IE and Chrome work like expected. But firefox is having an issue with untrusted site error (Error code: sec_error_untrusted_issuer)Has anyone worked around this problem before?

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!