This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

Resolved! Copying security profiles between PAN devices

Is there a way to copy security profiles and custom sigs from one PAN device to another? We have 3 PAN devices (one PA2020 and 2 PA500's) and don't want to recreate the profiles/sigs using the GUI on each device whenever we make a change.Perhaps this can be done at the command line or via config file xml parsing?Are we stuck having to pay $10k f...

rosboro by L1 Bithead
  • 5007 Views
  • 3 replies
  • 0 Likes

Unorthodox use of vulnerability signatures, data filtering for URL blocking. Please advise.

Ok so I'd really like to skip the part about why my organization does this and get to the part about what should I be concerned about... Our PA is set up to block many many many URL's using URL Filtering, just as you'd expect any org to do, but there have also been many Data Filtering regex signatures created solely to block URLs as well. Often...

Cap by L0 Member
  • 4051 Views
  • 4 replies
  • 0 Likes

Resolved! SYSTEM ALERT : high : Syslog connection established to server

I have mail notifications enabled for high and critical system logs. Because of this, I receive the following mail multiple times a day:SYSTEM ALERT : high : Syslog connection established to server['AF_INET.10.0.0.49:514.']domain: 1receive_time: 2013/11/07 14:01:28serial: 00xxxxxxxxxxseqno: 14814actionflags: 0x0type: SYSTEMsubtype: syslogconfig_...

Captive Portal with NTLM authentication redirect loop

Hello,I have successfully configured a captive portal with NTLM authentication for User-ID and users are successfully authenticating using NTLM, but right after that they are stuck in a redirect loop on the following page:User Authentication in ProcessThe original web page you requested will load when the authentication process completes. Click ...

BLazarov by L1 Bithead
  • 3016 Views
  • 2 replies
  • 0 Likes

Resolved! VPN-SSL through Palo Alto

Hi, im having problems connecting with VPN-SSL clients (Global Protect and SonicWALL VPN Client). We have a firewall Palo Alto to go to internet and i use these VPN clients for connecting to several branches but i dont know why my Palo Alto (which VPNs go through) is having a strange behaviour. I dont see any connection in the MONITOR TRAFFIC ab...

SOC_CSG by L4 Transporter
  • 4209 Views
  • 4 replies
  • 0 Likes

Resolved! QOS on Interface with 20 Mb

Hello,I want to restrict bandwidth on interface e1/2 with 20 Mb I have created QOS Profile with wireless and applied that on interface e1/2.Enclosed are the snapshots for your reference. Please advise that it who to test this profile.Thank you.

Suspicious DNS Query Action

Hello PAN Community,I would just like to know if its possible to edit or change the default action for a specific suspicious DNS query?We have a situation here where what we wanted to happen is to drop all the packets for suspicious DNS query instead of resetting both connection.Thank you in advance.Regards,Hartkently

SSL VPN - Basic Questions

What basic steps have to be complete to allow a remote user to enter an ip address in their browser and get the ssl vpn authentication screen? We currently get an eventual timeout when we try to connect from a browser. We followed the basic GlobalProtect setup steps, but, just wondering if there is something 'dumb' that we are missing.Thanks!

shank by Not applicable
  • 8096 Views
  • 11 replies
  • 0 Likes

Resolved! Making server available with NAT doesn't work

Today I tried to configure our PA500 firewall to make a server from our DMZ zone available for Office 365. But first I will explain our network topology.In our company we have 2 internet lines, one for internet and the other one as backup. After this backup line we have several public IP adresses, so I want to use these IP adressen for publishin...

ZEBIT by L3 Networker
  • 3000 Views
  • 2 replies
  • 0 Likes

User-ID sometimes missing ntlmdomain\ on the firewall

Hi,I've recently seen this a couple of times on completely separate firewalls / AD infrastructures (a 2050 cluster and a 3020 cluster, both running 5.0.8). User ID is setup and working fine along with LDAP group mappingHowever on the odd occasion users report applications or URL categories blocked that should be allowed. It often "goes away" aga...

Dpeters1 by L2 Linker
  • 6932 Views
  • 6 replies
  • 0 Likes

Wildfire - is the full subscription worth it?

Apologies for the somewhat blunt title but it really is as simple as that I've been using the bundled WildFire service for some time and did begin to wonder if it was working until it pinged on a couple of zero day Zeus trojans - seems our folks are just too well behaved by and large.Anyway, I'm on the 30 day trial license and I wanted peoples v...

How to setup a redundant IP?

I'm trying to setup DSL as a redundant internet provider, incase the Cable goes down. I saw a 3.1.1 document on Dual ISP Branch Office Configuration and got confused. Our PA-500 is using 4.1.6 Wondering if anyone could help me on this?ethernet1/1 layer 3 173.167.129.91/29 (IP Router) Primary ISP ethernet1/2 layer 3 ...

ssoiret by L0 Member
  • 3369 Views
  • 1 replies
  • 0 Likes

How to test your firewall

We have a Palo Alto PA500 with several security rules. It seems okay, but the CEO asked that I'm sure the company is secure.So the question is, how can I test we are safe from the outside world?

ZEBIT by L3 Networker
  • 6417 Views
  • 6 replies
  • 0 Likes

PA-3050 stops processing traffic

Has anyone had a PA-3050 stop processing traffic? Our PA-3050 started dropping all traffic today (internet access, DMZ, etc.), we failed over to the standby unit and were able to restore service. Currently we have a support ticket opened but wanted to know if anyone here has had a similar experience. Thanks!

PANOS 6.0.2 release date

hello,is there a confirmed release date of PANOS 6.0.2? A month ago I had a case open, where the support guy has told me that the expected release date is arount the 21th of April. Today is the 24th and still nothingthanksRudolf

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks