This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4142 Views
  • 0 replies
  • 0 Likes

icmp redirect support

Hello,simple question:Does PA devices send / support icmp redirect ?Use case:PA device is the default GW for local LAN subnet (A).PA device has a route to an another subnet (B). The next hop is on his LAN Interface.Local Clients devices has only a default GW to PA LAN Interface.From my understanding and some tests:PA device does not send ICMP re...

glebon by Not applicable
  • 7628 Views
  • 3 replies
  • 0 Likes

Resolved! Licence problem with Iphone/Android GlobalProtect client

Hi,In our university, we have two PA-5020 (PANOS 5.0.5) with VPN service configured in actif/passif mode.We don't have gateway and portal licences activated, as we only need one GlobalProtect portal and one GlobalProtect gateway.Users with Windows or Mac OS can connect with the GlobalProtect client without any problem.However, with the new Globa...

cnamurdc by L1 Bithead
  • 4903 Views
  • 2 replies
  • 0 Likes

How GP selects between SSL and IPSEC?

Hi,I have recently noticed that most of my VPN users with Global Protect are connected with IPSEC.Before that, two or three weeks ago, they were mostly connected with SSL.How can it be like that?Is it related to some parameters on our PA-5020 (PAN-OS : 5.0.5)?Thanks for your help.Regards,Sylvain Fouqueray

cnamurdc by L1 Bithead
  • 11811 Views
  • 3 replies
  • 0 Likes

Resolved! Trying (still) to understand Wildfire

I got two files sent to me for analysis and I ran them through Wildfire to get a verdict...Unfortunately im still not comfortable with what Wildfire thinks is a malware and what me (and obviously the rest of the world) belives is a malware...Could perhaps somebody from PaloAlto themselfs (or somebody else) explain to me why both files have the v...

mikand by L6 Presenter
  • 6568 Views
  • 7 replies
  • 0 Likes

User ID from eDirectory, multiple IPs per user

Hi,for identifying users on an PA-3020 with PAN-OS 5.0.5 I use a combination of reading the information from eDirectory, XML-API and captive portal.I am now facing the problem that users which use different computers at the same time with their user account which is authenticated against the eDirectory (for example one at their workplace and ano...

Resolved! Panorama 5.1 on VMWare Workstation 9.0

Has anyone got it to work?I need to prototype a configuration for a customer who wants to move to 5.1, and all I have access to is VMWare Workstation 9.1. I thought that would not be a problem, but perhaps it is? I'd be working within the 30 day trial window.Firstly, whenever I try to import the OVF file, I receive a message saying that the file...

PA 4020 and PANOS 5.0.6 dataplane CPU spikes: anyone else seeing this?

We upgraded our PA 4020 to PANOS 5.06 (thankfully it's only in tap mode, no traffic is running through it). Our PA 4020 is kind of our "canary in the mine" so to speak when it comes to upgrades, and maybe having that implementation is proving itself out right now.Anyway, has anyone see dataplane CPU spikes on 5.0.6? See the nice little spikes on...

Resolved! Global Protect stuck on Connecting

On some workstations, the Global Protect client (latest 1.2.4) will not connect. If I re-install the client it begins working and then 2 days later will continually show Connecting in the taskbar until the client is re-installed again. Right now I have a mix of this happening on WIndows XP 32-bit, Windows 7 32-bit and Windows 7 64-bit. Some s...

nthen by L3 Networker
  • 13783 Views
  • 5 replies
  • 0 Likes

logged in admin count Panorama

Hi,how can we see the admins already logged in to Panoramawhen we use show admins or Dahsboard it is hard to count.There are many admins we just need number of admins logged in realtime.

Resolved! No logs in wildfire log section on device- PAN OS 5.0.3

Hi ,Even we have the valid wildfire subscription, not able to see any logs in wildfire logs in device but in the data-filtering logs for some exe files it is showing wildfire-upload-success ( means file has uploaded to wildfire cloud for analysis).I executed the commands >test wildfire registration - showing registered ...

Gururaj by L4 Transporter
  • 4072 Views
  • 3 replies
  • 0 Likes

Resolved! VPN user cannot access another network segment

Hi AllI just established a VPN between two sites. the user over the site has no issue contacting my LAN IP segment (172.20.4.X) and but they just couldnt access to another of my LAN IP segment (172.20.6.x)I have check under the virtual router that segment was already included. did I miss out on something or where should I be looking at?Thank for...

RIS by Not applicable
  • 3586 Views
  • 3 replies
  • 0 Likes

DNS Amplification Attack

http://dnsamplificationattacks.blogspot.com.es/http://dnsamplificationattacks.blogspot.nl/2013/05/nl-188954825-as57172.html, In relation to this attack, which is performed a high volume of requests against the DNS, it detects PaloAlto under the signatures:DNS Queries ANY TWO Brute-force AttackMicrosoft SMTP Service and Exchange Routing Engine Bu...

noc_soc by L0 Member
  • 4778 Views
  • 2 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks