This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Blocking file downloads based on content disposition

Hello,We are trying to block specific files based on the content disposition. Using all the different context values for http traffic has proven ineffective. The issue is that we don't see the file name until the end of the file download. A screen shot of the packet capture is shown. Support has not been successful at providing me how to ide...

HITSSEC by L4 Transporter
  • 3311 Views
  • 2 replies
  • 0 Likes

How to export all logs ( eg 5 moths detailed) to CSV or any other format?

Hi All,How to export all logs ( eg 5 moths detailed) to CSV or any other format?From monitor -> logs -> traffic i tried to export to CSV but it showing only for one day, is there any way to export all logs? In monitor -> Reports it showing logs from From 4th Feb 2013 to till date, bur when i tried to export to CSV from logs -> traf...

Gururaj by L4 Transporter
  • 16678 Views
  • 10 replies
  • 0 Likes

Using XML API to enumerate virus (antivirus) signatures

Hello,Using the panxapi (from @ksteves) I'm able to enumerate all the threats (scan, vulnerability, phone-home), but I'm not able to find an xpath I can use to enumerate information about the antivirus signatures. By way of example, I can see that in my log output each virus hit appears to have a name and and entry number:<snip>,Virus/Win3...

wfleitz by Not applicable
  • 2564 Views
  • 1 replies
  • 0 Likes

Resolved! Application Override Policy Match Criteria, does it match on Pre or Post-NAT Zone/IP?

HelloI'm currently configuring a PA-2050 running PAN 5.0.9Can anyone confirm if the Application Override Policy match criteria should be configured to match on the Pre-NAT or Post-NAT zones and IP addresses. I'm assuming it will match in the same way as a security policy does, and use the Post-NAT Zone, while the IP address match is based upon ...

Smi12 by L2 Linker
  • 3684 Views
  • 2 replies
  • 0 Likes

Error when trying to run User Activity report

I am trying to run a User Activity report. There are logs for this employee with their domain ID identified but when we run the actual report for HR it comes up blank. Is there a know release to resolve this issue.PAN OS version is 5.0.4.Thanks

unable to change the web-gui certificate

hi ,recently i wanted to changed the web-gui certificate i followed the procedure on how to create a certificate in openssl ( for panos 4.x) the certificate created successfully. i event imported into the appliance but whenever i click on the checkbox Certificate for Secure Web GUI i receive the following error system -> web-server-certificat...

Is it possible that set nine snmp trap servers?

Hello,We are migrating configuration from juniper FW to paloalto FW.My customer used nine snmp trap servers on juniper FW.But paloalto FW cann't have over five snmp trap servers.Could you know other resolved ways?Please let me know it.Thanks

Resolved! VPN w/ NAT on external IP in same range as VPN IP

maybe that title was convoluted but i need some feedback for somethiung i have not done before.setting up a VPN but the other party says they DO NOT allow internal addreses over the VPN to their network; so i cant give them proxy IDs of 192.168.0.0 10.0.0.0 etc... it has to be an internet routable IP.So,,I dont have any proxy IDsIm using an exte...

choff123 by L3 Networker
  • 2866 Views
  • 1 replies
  • 0 Likes

PA service account causing huge root DNS traffic?

Basically, the traffic monitor is showing DNS traffic going from my DNS server in the trusted zone to the external root DNS (our ISP) in the untrusted zone, and user is the PA's own domain account.All of it's coming from a domain controller that also has the User-ID agent installed.I probably fudged something in the settings, because it doesn't ...

Maxstr by L3 Networker
  • 6981 Views
  • 7 replies
  • 1 Likes

User Groups Seen as Users in Security Policy and new users added to that group are not getting identified.

Hi All,Model- 2050 and PANOS- 5.0.6In security policies groups are showed as a single user and any new user added to that group are not getting identified by the PaloAlto firewall. In source user column in policy showing single user icon instead group icon. But existing users in group are getting identified ( this issue is only for newly added ...

Gururaj by L4 Transporter
  • 5236 Views
  • 4 replies
  • 0 Likes

How to match MAC to IP in BYOD environments with IPv4 and IPv6

Hi,it is not easy to locate devices making trouble without having a reliable MAC-IP mapping in BYOD environments. With IPv4 we can solve this at the switches side with DHCP-Snooping ans ARP-Protect to assure that only IP addresses assigned by DHCP can be used. With IPv6 I have to find a new solution assure only IP addresses I can map to a device...

Unibw by L2 Linker
  • 3274 Views
  • 2 replies
  • 0 Likes

Why does User-ID suddenly stops ?

Hello,We have a customer who is using PA-3020 in L3 A/P cluster, running PanOS 5.0.2.We have set up User-ID with PanAgent services (Primary and Secondary) installed on two different servers members of the domain.User-ID is configured to be based on :- Security logs- Sessions- ProbingOn 4 different servers :- 2 AD servers- 2 Exchange serversThe U...

ldormond by L3 Networker
  • 4060 Views
  • 2 replies
  • 0 Likes

Resolved! Rate limiting egress on perimeter install

I have a client where I would like to rate limit egress traffic from an internal source IP. This source IP tends to be a major bandwidth hog. I currently have no QOS profiles setup but I do see the option to limit egress I believe.Are QOS profiles the easiest / only way to do this? Does QOS allow you to limit based on a single IP?

SDorsey by L4 Transporter
  • 2457 Views
  • 1 replies
  • 0 Likes

Resolved! Can I create a custom file type?

As per the subject, is this possible to do?We'd like to have specific types of files logged when it enters or leaves our network but since there is no such file type on the system, it isn't being logged.Thanks

eugenep by L3 Networker
  • 5909 Views
  • 6 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks