General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 258 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 937 Views
  • 0 replies
  • 0 Likes

UserID debug Log. high load CPU?

Palo Alto support ask me about send them the debug lof of UserID. I can enable this debug log with my DC in production. There is risk about load CPU in the UserID device (Domain controller). I could do it in production?

thanks

PDF Summary Report (Missing Custom Reports/Widgets)

It has been a few versions since I played with PDF summary reports however, I am currently running version 5.0.5 and in the GUI if I go and create a PDF summary report there is no 6th drop down for custom reports as I remember and as shown in the hel

...

CHammock by L2 Linker
  • 3755 Views
  • 5 replies
  • 0 Likes

Suspicious DNS Query - conficker

Hey,

Is there a way for not letting conficker fill up the threat logs? Or an easy way to filter them out? I have 1000+ logs from 1 host on just a few hours and it is getting hard to see the other threats... Even in the ACC, I get a list full of confic

...

bdeschut by L4 Transporter
  • 5982 Views
  • 13 replies
  • 1 Likes

URL Filtering Exception

Per company policy, we block all online personal storage sites.  However, as always, there are some exceptions.  What is the best way to allow 1 specific user to 1 specific site?  Do I really need to create a separate URL Security Profile for each ex

...

Resolved! Clear SSL opt-out response cache for client

PanOS 4.1.14

How does one clear the cache for an individual client IP, so that the end-user is presented with the SSL Opt-Out page again when they next try a site which uses SSL? All I can think of is clear session all filter ssl-decrypt yes. If I do

...

nickcx1 by Not applicable
  • 3427 Views
  • 4 replies
  • 0 Likes

Security Rules dont match propertly

Hi,

I just migrated from 5.0.3 to 5.0.6 and the user-id is giving problems......... Some rules is not matching correctly.......

I have the rule on top ,deny Twitter application and in the end  i have a rule allowing this traffic.....but the twitter tra

...

DNS Proxy Errors

We have a remote office using a PA-200 in the middle east. I configured it to use DNS proxy with caching to lower the time for resolution over the VPN tunnel back to our corporate DNS servers in the US. We also have intermittent disconnects due to th

...

CRL not downloading

Hi,

I have just noticed that my PA-2050 has in it's system logs regular entries as follows:

Failed to get CRL http://crl.godaddy.com/gds1-16.crl

I also get similar entries for every different certificate server I can think of.

Reason I ended up looking a

...

Strachf by L1 Bithead
  • 4195 Views
  • 4 replies
  • 0 Likes

Multisite vpn question

I am in the process of planning out a spoke/hub type PA vpn setup.  I'm working with the networking team to carve me out enough addresses for each remote site.  What I'm wondering is if each remote site can connect back to the main HQ PA (5000) so I

...

gmchenry by L1 Bithead
  • 2346 Views
  • 1 replies
  • 0 Likes

UserID problems

HI,

we just migrated from 5.0.3 to 5.0.6. And we are having some problems  with the mapping in UserID. For some users the UserID is working correctly but for others users is not working...

I attached how this uses jloa log in, but i cant in the show us

...

About vpn error log

Hi,

What does "received unencrypted Notify payload(INVALID COOKIE) from IP ...to  ...  ignored "  mean ?

Thanks.

panos by L6 Presenter
  • 4370 Views
  • 4 replies
  • 0 Likes

Application Incomplete - Leading causes?

So im doing work on our DR site. Two diff setup scenarios are failing; NAT over a VPN and routing from one PA to another and out a VPN. I can see the rule letting the packets out so a session should start for the return trip but .. nothing.

Both scena

...

choff123 by L3 Networker
  • 10913 Views
  • 13 replies
  • 0 Likes
  • 24031 Posts
  • 115 Subscriptions
Top Liked Authors
Labels