This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! The use of use-cache-for-identification introduced in PANOS 5.0.2?

According to the release note for PANOS 5.0.2 (released 2013-01-15):"47195 – When the App-ID cache feature was enabled in previous releases (enabled by default), it was possible to pollute the cache to allow some applications to pass through the firewall, even when a rule was set to block the application. If you are running an older version of P...

mikand by L6 Presenter
  • 7925 Views
  • 5 replies
  • 2 Likes

Resolved! Palo Alto Dictionary file for Steel Belted Radius

Hi,We are using Steel Belted Radius Enterprise Edition v6.1.6 for authentication on all the network devices.We have few PA3020 and PA500. Now we would like to authenticate these firewalls via the same Steel Belted Radius Server.I am unable to locate Palo Alto as vendor in the SBR admin GUI. I have tried selecting the Standard Radius Option, but ...

DCN by Not applicable
  • 3953 Views
  • 3 replies
  • 0 Likes

SSL decryption fails

We are testing SSL decryption on our PA at the moment. We have found a site that could not be decrypted: https://posteo.de/Has anyone of you an idea why the decryption fails for that site?And how could I troubleshoot such problems? Because the normal log does not show any problem, but the browser shows an error message.Thank you!

Resolved! Active Directory help

Hi All,We received our first pan 3020 Monday and I have been trying to learn about the product in order to setup for production. I'm making good progress so far, but I have run into an issue importing AD users. I setup group mapping and I'm able to see groups that were imported, but no users. What am I missing?Thanks in advance for your help.

jbo by L0 Member
  • 5342 Views
  • 8 replies
  • 0 Likes

Resolved! Dynamic Block List Site

Is there a list of known bad IP addresses? I would like to include a dynamic block list in my policy but I don't have a list of known bad IP addresses. Does Palo Alto have a canned list of IPs that I can reference to insert into my policy?

das by Not applicable
  • 7685 Views
  • 6 replies
  • 0 Likes

Hosted Verizon PBX solution with phones behind a PA200; calls drop at exactly 15 minutes. Anyone else seeing this?

We have a remote office with a PA200 and we are using VoIP phones that use a Verizon remote hosted PBX solution. Outbound VoIP calls drop at exactly 15 minutes... meaning any and all calls out drop at that exact time. We can pull reports and see that no call ever exceeds 15 minutes in length.Has anyone else seen anything like this? initially I t...

Ipsec vpn from MS ISA 2006 to PaloAlto

Hello,A third party has a isa 2006 server which they use for ipsec vpn. We do not seem to be able to create an ipsec site 2 site vpn. Can this be done? If so, any howto's,

mikeh by Not applicable
  • 2576 Views
  • 1 replies
  • 0 Likes

PAN-OS

Hi Guys ,Have a question , which PAN-OS is the most stable ??Regards,Bryan

How to Interpret Traffic Monitor Output

I have traffic going over a VPN tunnel. There is a rule alllowing the traffic and routing isn't a problem.A source host isn't connecting to a host across the tunnel. In monitor I'm seeing entries that say the packet is allowed but in the application column the entry says "insufficient data". What does that mean? Where can I find a list of expec...

Weese by Not applicable
  • 2643 Views
  • 2 replies
  • 0 Likes

Resolved! Portal Gateway priority clarification request

We are having West Coast clients connect to our "backup" east coast gateway, which is a small sales office, and thus, cannot be "Manual Only". We would like to adjust the gateway priorities to help keep all clients on West Coast connecting to the main gateway setup for those clients.In reading documentation it states, "The agent will contact al...

VBS/Virus.invadesys.(253879) - Potential False Positive?

Hi,Recently, on some of our clients we have been seeing the same threat / virus appear. The name is VBS/Virus.invadesys. and the ID is 253879.Some interesting things to note...The file-name is ALWAYS a bookmark file ending in .urlAll of the files sound VERY generic.Small sample of some URLs..."Guide Entertainment Network.url""Monitor Tool 2008.u...

dciccone by Not applicable
  • 7005 Views
  • 11 replies
  • 0 Likes

4050 HA Upgrade Question

Anyone with a HA 4050 Cluster, can you please tell me the pros/cons of code 5.0.3 and 5.0.6? I am looking to upgrade my HA pair and have noticed CPU imbalance issues, high management plane issues with 5.0.1 on my 500, 2050's. I want to upgrade but am worried the CPU issues are not addressed/corrected with 5.0.3 and/or 5.0.6 when upgrading a 40...

Resolved! How to change the action on an individual signature

I am trying to change the action on an individual Spyware signature from Alert to Block. When I go in the Spyware profile and find the signature in the Exceptions and change it to Block and hit ok twice to save it when I go back in it is set back to Alert. How do I make this work?

JeffTQT by L2 Linker
  • 3737 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks