This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! User ID Mapping Directly to Firewalls

Good afternoon,Previously we used the PAN-UID perl module to update User ID Agents running on servers, which would in turn update the firewalls.With version 5.0, there is not this capability:2.9 User-ID mapping Beginning with PAN-OS 5.0.0, you can apply User-ID mapping information directly to the firewall using the API with the type=user-id para...

Resolved! what do people search ?

Hi,Is there a way to track especially google searches from url filtering ?From url filtering logs it cannot be seen the same url as a person visit when searches for a word.we need search stats

Unknown Application Packet Capture

HiI want know about Unknown packet capture.Q1. Where is unknown pcap stored? [Device] > [Setup] > [Management] > [ Logging and Reporting Settings] App Pkt Capture ?Q2. I want know Unknown Pcap Usage.Q3. When is capture unknown packet in PA packet flow?Regards,

smaekawa by Not applicable
  • 4711 Views
  • 2 replies
  • 0 Likes

Resolved! Captive portal not redirecting for some users

Hi thereWe've just enabled Captive Portal for all of our users but I'm getting a small number of users who are simply not being redirected to the captive portal to authenticate. I've noticed that Safari on Mac is a common theme but there are a number of PC users with the same problem.I have a small selection of trusted IP addresses which do not ...

Domain is pointed as Malware

Hello,today we had a suspicious DNS Query warning because we tried to reslove a domain (pandaro.be).So Palo Alto gets information about domains and checks some information about these domeains.My questions about this:1/ What is PA using to decide which status a domain gets2/ What is PA checking at a domain to decide about the status2/ If a dom...

wolfrene by Not applicable
  • 4082 Views
  • 2 replies
  • 0 Likes

Resolved! link aggregation down

Hi,We configured link aggregation but although switch side ports become up, on PaloAlto they are down.Any idea ?show interface ae1--------------------------------------------------------------------------------Name: ae1, ID: 48Link status: Runtime link speed/duplex/state: unknown/unknown/down Configured link speed/duplex/state: auto/auto/auto ...

vpn issue

Hi,After side to side vpn established correctly after sometime(I do not know how many hours) Phase1 becomes passive.Side1 cannot access Side2.when we try to use test vpn command for ike it becomes up and it works.What can be reason for that ?

VWire configuration testing

Hi,At a recent PA training, the instructor mentioned a testing method for testing the configuration of VWire objects and the traffic flow, as configured in your Security Policy. The goal of this method is the ability to do testing in a lab environment vs. testing your traffic flow after you've put the device into production.With your device in ...

Mic by Not applicable
  • 3474 Views
  • 2 replies
  • 0 Likes

App and Threat Version fail when update.

When I download and install (choose sync HA) the update App and Threat version 386-1889 (2013/07/30), Dashboard in my device show info App Version and Threat Version mismatch (view attach files). And when I commit any change, HA will not work (view attach files). I must rollback to old Version and my device is ok. When I reinstall new update 3...

Multiple ISP load balancing

We currently have an Internet setup as shown in the image below. ISP1 is Metro Ethernet running over a disparate fiber path at 100Mbps symmetrical bandwidth. ISP2 is ATM over 1Gb Fiber, with a disparate fiber path and 250Mbps symmetrical bandwidth. ISP1 and ISP1 are running BGP. I use padding to control my preferred link, which changes depe...

EdwinD by L3 Networker
  • 6371 Views
  • 2 replies
  • 0 Likes

Resolved! ACC and filtering App Category or Sub Category

I couldn't find an answer after searching for a bit, so I thought I'd ask the community.In the ACC tab within the PANOS web UI, if I select an application in the report, within the Application Information section that appears I get links for the App Category and App Sub Category. I can then drop the filter for the Application, and work with the...

Resolved! No exempt profile in threat details

Dear,We have some traffic that is getting blocked because of a strict vulnerability profile.I want to exempt a certain IP from this profile.But when I click on details in the threat logs, there is nothing filled in the "Exempt profiles"Which is strange because it is blocking the traffic because of some profile, only it will not show me which one...

mr.linus by L4 Transporter
  • 5532 Views
  • 8 replies
  • 0 Likes

Resolved! NAT for ldap

I need to configure my PAN to allow LDAP and port 636 inbound from 10 specific IP addresses for authentication with a software company. Can't figure out how to do this correctly.

jpzynski by Not applicable
  • 4389 Views
  • 3 replies
  • 0 Likes

How to create custom vulnerability signature for SIP packets?

Hi,we are trying to create custom vulnerability signature for triggering on the specific string in the udp packet payload with destination port 5060. Unfortunately there is no context for SIP. We used "Pattern Match" and chose "unknown -req-udp-payload" as a context. We applied a Vulnerability protection profile to the security policy (a rule ...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks