This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4240 Views
  • 0 replies
  • 0 Likes

Invalid threat ID number, next steps

In the threat logs, the PAN is detecting a virus for internal traffic, server to client, but the threat id doesn't match anything in the threat vault, 1 number too short, 253879. What's the best way to identify if the threat is legitimate, not a false positive? application = ms-ds-smb, url LogoinScript.VBS

tstores by Not applicable
  • 2587 Views
  • 1 replies
  • 0 Likes

Same traffic traverses the firewall twice.

I will try to draw this out the best I can and then ask my question.Remote Site (zone is trust, vrouter2, tunnel.1) <<>> Core network (zone is trust, Interface 1/10, vrouter2, layer3) Rule for this is any, any in both directions.The above is how all remote traffic flows. (all traffic hits the core)Core Network <<>> interf...

rbit0965 by L1 Bithead
  • 5939 Views
  • 6 replies
  • 0 Likes

Resolved! GlobalProtect Portal konfig update on Windows

Is there a way to force an update of the GlobalProtect configuration on a windows agent?I`m testing different configurations but the client would update the config, probably because of the "Config Refresh Interval (hours)"RegardsKristian

kristian by L3 Networker
  • 3906 Views
  • 3 replies
  • 0 Likes

iMac updates and traffic monitoring

I have permitted apple-updates and users have confirmed that they are able to perform their updates. However, a user in is unable to perform updates as it appears that he is being blocked.All our firewall and filtering is carried out by PAN and I am usually view traffic from a user's PC computer and figure out what is being blocked by the one of...

PeterG by Not applicable
  • 2349 Views
  • 2 replies
  • 0 Likes

Resolved! Threat search by name

Hi,If i have just threat name (eg.: Suspicious Content Found in 404 Page). How i can find this threat in a threat log? Is any search by name? Or i need to look all log by my self?

Interface by L3 Networker
  • 3176 Views
  • 3 replies
  • 0 Likes

Subtype "4" in Traffic log

PAN OS 5.0.0 on VMWareI see a lot of subtype "4" in my traffic log. I also see start, end, deny, drop, so I'm sure it's not just a display error meaning one of the listed.Does anyone know what "4" means?ThanksAndre

u13550 by L3 Networker
  • 3940 Views
  • 4 replies
  • 1 Likes

telnet with EBCDIC encoding

We are having some issues with IBM telnet (tn3270) through a PA-200. The telnet sessions are very sluggish. I had to remove the firewall to restore performance. The telnet is using EBCDIC encoding. I had been specifying a security policy using the application telnet. When I get a chance I will change that to service port 23 and test again. ...

oshcomp by Not applicable
  • 4824 Views
  • 5 replies
  • 0 Likes

Resolved! Disabling warning messages during commit

Hi,I get a lot of warning messages during commit, regarding rules shadowing, application dependency, etc.I've been looking for a way to disable some or all of the warning messages, but with no luck.Anyone know if it is even possible?

JFunk by L0 Member
  • 4395 Views
  • 2 replies
  • 0 Likes

Resolved! logs on PA-2050

Hello everyone ,I have recently implement pa-2050 at a customer premises. Nine days after the implementation each time when login on the web interface a system alarm just popup saying '' Database traffic exceeds percentage limited '' . Have a question , with the default quota for the traffic log how many days pa device can keep the logs?Please ...

Resolved! Security Policy Rule matches on ALL URL categories

Hi,I'm sure this was working at some stage but now it's not working the way I need it: I have a rule from inside to outside, any user, web-browsing and a URL category of gambling, allow the traffic and use log forwarding with no profiles selected.The problem is that the URL is matched on ANY traffic. Doing a 'test url' from the command line list...

hoerzers by L1 Bithead
  • 10434 Views
  • 10 replies
  • 0 Likes

QoS (bandwidth) VPN site-to-site tunnel?

Hi all,I am trying to understand the QoS feature of the PAN-2020 and was wondering if I could get some assistance. We have a VPN site-to-site tunnel and the data center we are tunneling to is a 10 Mbps connection we can burst up to (10 Mbps being the max speed). We are using PAN-2020s on either side to manage the tunnel and I am looking into h...

cmateam by L3 Networker
  • 6342 Views
  • 3 replies
  • 0 Likes

M86 Migration Experiences

I may be starting a migration soon that includes migrating URL filtering from an M86 to PAN. I'm trying to get up to speed on the M86 (haven't used it before) and wondered if anyone had any hints, recommendations or "gotchas" to watch out for.Currently perusing the M86 web filter user guide but that never paints the whole picture. So, appreciat...

Resolved! Mismatch of static-ip source translation address range between original address and translated address

What exactly does this error mean?Error: nat rule 'ipCentrix Outbound': Mismatch of static-ip source translation address range between original address and translated addressI get this error during commit.I'm trying to:Change the Source Address to 66.111.112.5 forAny Packet to the Internet zoneThat has the destination address of 192.168.128.0/18...

JoshG by Not applicable
  • 23715 Views
  • 1 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks