This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! ftp export log

Anyone know how to translate this show CLI command into the ftp export equivalent? > show log traffic src in 10.0.0.0> ftp export log traffic ?? (assuming query would work)I would prefer not to export all logs only need a subset.Thanks,Monica

MLaden by Not applicable
  • 3626 Views
  • 2 replies
  • 0 Likes

Resolved! About a session generated by override rule

Hi guys,A session generated by override rule that can be applied rematch session after commit configuration successfully? Or not? I guess that rematch session would not impact to session generated by application override rule.Please let me know above question.Thanks.Regards,Roh

Resolved! Apply policy on a vwire interface in passtrough mode

I want to apply a policy on my vwire interface but i have this error: Operation Commit Result Failed DetailsIn VSYS vsys1 from zone VW-MPLS-Trust of type vwire and to zone UNTRUST of type layer3 are incompatible in security rule Application block Configuration is invalid Is it possible to know how to apply a policy to this interface, if ...

dsevigny by Not applicable
  • 2991 Views
  • 2 replies
  • 0 Likes

Disable Inspection for Sip ?

In the ASA you can disable SIP Policy Inspection. In the Junipers I think you disable the ALG. How do I do this in the Palo Alto ?Firewalls often try to apply rules around the way protocols work which can cause them to break. I dont want SIP to be inspected or held against some EEE Group Standard. This might be breaking some video conference tra...

jhickey by L3 Networker
  • 13083 Views
  • 6 replies
  • 0 Likes

Good Technology Issue

Currently, we are experiencing an issue with a product called Good Dynamics version 1.4.31.5. The vendor "Good Technology" is stating that the Palo Alto firewalls are causing an issue with some sort of SSL heartbeat connection. Is there an know issue with this software work through the PA architecture? Any help would be appreciated.Randy

Westar by L0 Member
  • 1969 Views
  • 1 replies
  • 0 Likes

machine authentication

hello!we have a need to identify user machines associated with a domain. specifically, we want to create security policies based upon domain membership. is that even possible, and how would we achieve this functionality?thnx!

Resolved! SSL Decryption Whitelisting

So, I have just implemented SSL Decryption in our environment and we hit a website that appears to not work properly because of it. (It's sap.com, click on the login link in the upper right.) We don't see any errors in the firewall but the login prompt doesn't come up for us.The question is, is there any way for me to whitelist *.sap.com from SS...

Eval question

Given a flow and properly written policy to allow Facebook and its myriad apps/widgets on port 80/443, other than the admin management overhead (i.e., having to open ports 80 and 443), how is what Palo Alto does different from what Checkpoint does?This question addresses the quote below (found on the link shown).http://researchcenter.paloaltonet...

derasa by L0 Member
  • 2185 Views
  • 1 replies
  • 0 Likes

Counter to identify if device is dropping traffic

Hi Everyone,I am looking for help to identify the best way to see if my firewall is dropping traffic because it cannot keep up with the amount of traffic going through the interface. I want to make sure my firewall can keep up with the amount of traffic going through it. Also, I am looking for any other ways to determine if my firewall is not ...

What is the default syslog format in PanOS 5.x?

For all the various log types (config, system, threat, traffic, HIP) what is the default syslog format?All the fields are available to edit in when creating a custom log, but it would be useful to have the default format defined for reference.

bds by L0 Member
  • 2852 Views
  • 1 replies
  • 0 Likes

external captive portal

I'm thinking about trying something a little out of the square with user-id and captive portal. Let me start with the context and business goal:The PAN is deployed as a data centre firewall.I'd like to use some policies that permit clients access to an application only if the user is known.I'd like to use some policies that permit clients access...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks