This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4227 Views
  • 0 replies
  • 0 Likes

generic:beerwineandcupcakes

Upgraded to PAN OS 5.0 last weekend, got home from the Ignite Conference and was looking through the Threat Logs and I see a bunch of entries for spyware based on DNS signatures (new feature in PAN OS 5.0). Is there anyway to find out more information about this? I know it says Generic in the name, so I'm guessing this is a broad category. It...

rtesdall by L1 Bithead
  • 3266 Views
  • 3 replies
  • 0 Likes

strange connection from PA - help me please

HelloToday I recognised that one of my security policy droppping trafiic from IP 192.168.1.1 adddress from one of my subinterfaces to IP adersses to port 135 from other subnets.I'm using CaptivePortal but not in that zone where is 192.168.1.1, I'm using AD integration but with agents not on 192.168.1.1.How to investigate what PAN process is doin...

_slv_ by L4 Transporter
  • 5042 Views
  • 9 replies
  • 0 Likes

User showing in logs, but do not show up when creating security policies

Palo Nation, I am trying to create a security policy based on a specific user, but when i get to the user tab nothing shows up. I check the CLI to make sure I was getting the user-ip-mappings ( show user user-ip-mapping all). When i get to the security policy user section, I proceed to click add and enter the username. i would assume auto po...

Problem with Captive portal :

Dears,I'm using PA-500 with 5.0.11 OS.I would like to get help for the captive portal, HTTPS traffic isn't being interrupted while HTTP is working fine and redirecting traffic for authorization.Please help me.Regards,Umair.

ikkgroup by L0 Member
  • 8123 Views
  • 13 replies
  • 0 Likes

Resolved! No entries in traffic logs

Hi folks,I'm running a VM-100 on a VMWare Workstation 9, off Windows 7 (Not supported, I know - but it works. Sort of).I imported the .ovf and added an extra NIC (.ovf only came with two NIC's, one of which goes to management as far as I can see).eth1/1 layer3 - "Inside" security zone, internal VM networketh1/2 layer3 - "Outside" security zone, ...

BLH by L2 Linker
  • 9836 Views
  • 10 replies
  • 0 Likes

tftp being blocked on internal network

I am trying to use tftp to backup my cisco catalyst 3500 xl switches and it show that the PA 3020 is blocking by tftp traffice when it hits the clean up rule. Is there an easy way to allow tftp?

infotech by L4 Transporter
  • 4509 Views
  • 3 replies
  • 0 Likes

Policy report for PCI

For PCI compliance, I need to submit poof of our firewall policy (we use a PA3020). Is there a standard report that I can run that summarizes our Policies, or is there a way to export the policies to a PDF or spreadsheet? On our old ASA I could simply do an export to HTML or spreadsheet which I could attach to my report.Thanks in advance.David

breedend by L1 Bithead
  • 3644 Views
  • 4 replies
  • 0 Likes

Windows Radius Server (NPS) / User ID discovery through PA Agent

I'm trying to figure out a way for the PA to discover usernames / IPs for wireless clients (could be Iphones / Andriod) authenticating via a Windows 2008 R2 Radius server. Clients are authenticating through dot1x (wpa2 enterprise). Auth and everything works fine, but the usernames are not being discovered.Just curious if anyone else has ever run...

rbergen by L1 Bithead
  • 8066 Views
  • 8 replies
  • 1 Likes

Issues upgrading pa200 from version 4.1.6 to 5.0.10

I downloaded OS file version 5.0.10 and when I tried to install it, I get the following error message: Failed to install 5.0.0 with the following errors. SW version is 5.0.0 Error: Upgrading from 4.1.6 to 5.0.10 requires a content version of 320 or greater and found 255-1052. Failed to install version 5.0.0 type panosMy pa200 currently have 4.1....

Resolved! What type of policy\rules do you need to access an internal licenses server from the internet

I have an internal licenses server that users need to access from the internet, 10.1.3.21. The The external exposed ip is 216.55.55.10The application on the users computer needs the following TCP ports open through the firewall so that client workstations are able to obtain a license from your license server system.lmgrd.exe needs INCOMING TCP ...

Portal Page for web based email?

Is it possible to have a portal page or a content page when someone uses gmail, yahoo mail, .... that would make them have to read company policy about not to use them to upload and email company data?

markk96 by L3 Networker
  • 2776 Views
  • 2 replies
  • 0 Likes

Custom Vulnerability (.DMG)

Hi All,PanOSS 5.0.10The following site (amongst others) hosts a malicious file that I want to block: Download Genieo. The file is a .dmg and I want it blocked to my Mac user estate. Rather than block the URL I thought I would give Custom Signatures > Vulnerability a go. I am following the document Creating_Custom_Signatures-RevA (page 43).Fil...

nickcx1 by Not applicable
  • 4106 Views
  • 2 replies
  • 1 Likes

Idle timeout since 5.0.11

Hi All,We have an issue with our firewall. Ever since we did the update to 5.0.11 a few weeks back our RDP connections from WAN to LAN are timing out after 30 minutes of Idle time. I have checked the server settings And they are fine, the only thing thats changed is the firewall version. Below are the NAT and Policy rules for the RDP server. We ...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks