This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4464 Views
  • 0 replies
  • 0 Likes

Resolved! Action=Allow while NATDestinationIP=0.0.0.0

Hello, I am not a firewall administrator I am an analyst who reports alerts on suspicious behavior based on indicators of compromise matches, mostly related to ransomware and IP addresses with bad reputation. I have a big doubt because I always generate the alerts from the SIEM starting from the Action=allow field but I have noticed as you c...

JuanLondono1_0-1714499856570.png

Resolved! Ping Failed (aged out)

Hello friends, I configured site-to-site vpn between two firewalls and the ping from network behind firewall (internal network) to other internal network is failed (timeout) while the traffic shows allowed in the firewall logs. The Tunnel is Up and Green status. The configuration is the same on both firewalls and straightforward. Policy allows...

Hayder by L0 Member
  • 2727 Views
  • 2 replies
  • 0 Likes

Resolved! Can't create case, get salesforce error (ever since my day 1)

I can get logged in to https://support.paloaltonetworks.com, but when I attempt to create a new case I get a Salesforce error: https://supportcases.paloaltonetworks.com/_nc_external/identity/saml/SamlErrorSingle Sign-On Error We can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help. What do I do? I h...

pbrosthp by L0 Member
  • 1711 Views
  • 1 replies
  • 0 Likes

PBF with NAT, how does it works?

Hi GuysAccording to document , if there's destination NAT , there'll be second routing lookup to decide outbound zone & interface. But I'm very confused when there's routing and PBF together, In the second routing lookup, how does PBF rule work? Does PBF work based on Pre-NAT destination address or Post-NAT destination address? According to ...

JTR by Not applicable
  • 13988 Views
  • 4 replies
  • 0 Likes

Resolved! Type=Deny while Action=Allow

When opening iOS Facebook app I''m unable to play a movie... however, from the same device if I login to facbook via browser I can play the video.I'm trying to find out why the iOS App is getting blocked, as my policies clearly allow it.Rule iPhones: Iphone Rule allowing all traffic Log when using Facebook via Chrome Log when using Facebook v...

iPhone Policy.JPG
Traffic Allowed.JPG
Blocked Traffic.JPG
Decryption Policy.JPG
Hwinter by L2 Linker
  • 22074 Views
  • 4 replies
  • 1 Likes

Palo Alto Clearpass integration disconnecting

We are looking to utilize Cleaspass sending information to ours Palos for the purpose of user-id. We have this applied in some test groups but we are running into an issue where after a few days the connection appears to time out and the Palos stop received user-id information from Clearpass. There are no errors in the Palos system logs, Clear...

Claw4609 by L5 Sessionator
  • 1727 Views
  • 2 replies
  • 0 Likes

Resolved! PAN NGFW carbon footprint

Hello, I'm searching for informations about environmental impact of NGFW. Is there a benchmark for the carbon footprint of Palo Alto physical firewalls?Measurements such as the footprint of the production of a firewall, daily electricity consumption? Thanks for your help.

Panorama MGMT interface option - Public IP ?

Hi Question about configuring Panorama management interface. Why is there a "Public IP" under the management interface? "IF" we would set a public IP on the panorama, dont we configure it under IP Adress + Netmask + gateway? Why is there a "Public IP" option field first? I searched and read the guides but nothing about a public ip is spoke...

AnderSL by L1 Bithead
  • 2217 Views
  • 2 replies
  • 0 Likes

Resolved! Find the source for "DNS amplification attack response"

Hello, We receive many "DNS amplification attack response" alerts with the source of our internal DNS servers toward public DNS servers on the Internet. How can we know whether these alerts are not false positives and if they are true positive, how to find the main endpoint responsible for this type of attack? Thank you all 🙂

Help support

Dear Palo alto family, I face some difficulty to ping internet on DMZ , i am trying to configure a security policy DMZ_to_Public/ WAN but still i didn't ping 8.8.8.8 in DMZ switch and didn't ping in firewalls itself also. Help me to solve this issue pls

Zola12 by L1 Bithead
  • 1789 Views
  • 3 replies
  • 0 Likes

Resolved! eventid eq tunnel-status-up/down

Hi Team, We run the command eventid eq tunnel-status-up / down but we dont see any output under Monitor>system. What is the reason? two days back we see the went down and see the DPD log as well but still no result for subjected command please suggest.

shirishkulkarni_0-1714376236358.png
shirishkulkarni_1-1714376355230.png

How to make white list policy on file blocking palo alto

I have Palo Alto PA - 5520 Series when the user uploads a file, I want palo alto just allow file in jpeg, png, xls, xlsx, pdf type. and blocking other file types. because my server has an incident, it receive file type phar and php (malicious file) but palo alto didn't block this file because Palo Alto alto didn't have phar file type. so I wa...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks