This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

allow Skype and Block Skype VoIP and file sharing

HiI've been asked if I can use our Palo's to allow skype messaging only and block users to make calls and send/receive files using Skype. I already seen some discussion saying that this is not possible but i'm wondering if paloalto comes with something new in the new PAN OS 5 and 6 releases since those discussion are from 2012 and 2013.Thanks

Lahcen by Not applicable
  • 2996 Views
  • 1 replies
  • 0 Likes

Resolved! Help setting up a rule to block all traffic at night

OK, I'm new to firewalls in general and I inherited our Palo Alto PA500 with PANOS v5. I"m trying to set up a rule that doesn't let any traffic in or out of the building from 7:00 pm to 7:00 am. Currently my boss has a rule that the last person out unplugs the internet from the LAN. I find this to be ridiculous and insist that we can do somethin...

acole by L1 Bithead
  • 5846 Views
  • 6 replies
  • 1 Likes

Can PA block Web shell or shell script?

Hello, guys~One of my customer want to know whether the Pan block web shell or shell script. In my opinion, there's no ips which can block those attacks 100%. Threat prevention of the PA is signature base also, which means if it detects well-known web shell, it might block it. If not, it can't.It's sure that web shell is based on web server appl...

JTR by Not applicable
  • 4534 Views
  • 1 replies
  • 0 Likes

packet size issue

Hi All,Noticed unable to ping packet size above 996 after upgrading to PAN OS 5.few of our internet apps(cloud) is acting intermittently Anyone encountering the same issue? Any advice is appreciated? Thanks.> ping size 995 source 172.21.194.22 host google.comPING google.com (74.125.226.14) from 172.21.194.22 : 995(1023) bytes of data.72 bytes...

ateo by Not applicable
  • 4363 Views
  • 1 replies
  • 0 Likes

Resolved! Traffic log showing "attempted" rules

Hi,I have a few security policies (below) and did some testing on them, and found the traffic log displaying some interesting results; I have an idea of why this shows up in the log, but may be somebody more experienced can confirm.I have a rule that allows DNS application, any port:and a rule below that allows any outbound traffic:When looking ...

MMCiobanu by L3 Networker
  • 3289 Views
  • 2 replies
  • 0 Likes

Wildfire Activation

I successfully actived Wildfire in my environment..however, no data is being pushed to my external syslog server (Splunk) or the online Wildfire portal. Is there a sample file I can download to test if its working?

rrau by L3 Networker
  • 2455 Views
  • 2 replies
  • 0 Likes

External Captive Portals

Hello I have a question about external captive portals .. My client is migrating the firewall to Palo Alto, but he wants to keep the captive portal that is already in use in another box. My question is: How can I make users be visible and identifiable in palo alto, sending the internet requests (websites) to another box? this can be done? The id...

Jean by L0 Member
  • 3380 Views
  • 2 replies
  • 0 Likes

Resolved! Stop WMI-probing on User-ID Agent

Hey there,I am glad to join this community and and excited to work with these new age firewalls.To keep this question short and sweet, we have to PA-500's and are using GlobalProtect for VPN, and it works awesome! However, I did not set it up, but did take over his recent position.Now from my reading on the GlobalProtect set-up I understand the ...

Zewwy by L3 Networker
  • 8989 Views
  • 6 replies
  • 1 Likes

SSL Decryption firewall vs web proxy?

Hi,I see the Palo Alto firewalls can do SSL decryption inbound and outbound in order to inspect the contents for threats is there an advantage to doing this on the palo firewall as opposed to the ironport web proxy?It looks to me like a good idea to do outbound SSL on the proxy as that would see the traffic first but inbound ssl to our servers o...

sworton by L0 Member
  • 3748 Views
  • 1 replies
  • 0 Likes

Resolved! cannot understand drop reason

heyi have a client that connects to a remote site using GP, and that site have s2s vpn to my site,we have problems connecting to a server in that site, we can i cannot see and drops in the traffic or threat logs,i have put filter on the ips and used tha show global couters shows this drops:Global counters:Elapsed time since last sampling: 5.880...

minow by L4 Transporter
  • 14563 Views
  • 11 replies
  • 1 Likes

DoS Protection - Calls to aspx

Hi,I am wanting to create a DoS protection rule specific to http uri requests that have /*.aspx (so, the uri is at the root). I was approaching this by creating a custom application with a signature with the following:pattern matchcontext: http-req-uri-pathpattern: /*.aspx/*qualifier: http-method GETHowever, this pattern does not meet the 7byte ...

AmyTyler by L2 Linker
  • 3549 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks