This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4477 Views
  • 0 replies
  • 0 Likes

In 5.0.1, what is the full URL to the various captive portal pages?

Hey everyone,I'm using a PA-2020 on the latest version, 5.0.1. I need to be able to test the end-user experience with Captive Portal. I am also extending some effort to customize the various result pages that users will see, so I need to be able to validate them also once my custom pages are uploaded. I was thinking that the best way to test th...

jmegna by Not applicable
  • 3169 Views
  • 1 replies
  • 0 Likes

How to handle firewall self-traffic (management traffic / service routing)

Hi,when I have a global clean-up rule that blocks/logs all unwanted traffic, my firewall management traffic (DNS lookups, PAN-DB updates etc) stop working if I configure it to use any other interface but the dedicated management ports. So I added a lot of rules to allow this traffic. Which is really not what I want. I also see inconsistencies. ...

WWW vs No WWW

I submit URLs to BrightCloud regularly (several times a week). Most URLs once updated to the filter database work fine with or without the www as part of the URL. Every so often I will come across a situation where a URL won't load. For instance, http://www.paloaltonetworks.com won't load (says category: unknown) but http://paloaltonetworks.c...

TNaami by L1 Bithead
  • 4561 Views
  • 5 replies
  • 0 Likes

Blocking Cloud-Based services

Hi GroupI am looking for some practical experience on how to best block as many cloud-based services as possible.I know I can probably create some Dynamic Filters for some apps, but other may need to be controlled differently (SSL decryption, block the domain name, etc).I am wondering what the bulk of firewall admin or others are doing in such c...

scantwell by L4 Transporter
  • 3585 Views
  • 2 replies
  • 0 Likes

Multiple Domain and domain name

Hello,I have deployed 1 cluster of PA 3020(5.0.5) and UIA on 2 servers of the domain.The domain architecture is as following:1 parent domain: idf.local6 child domain: xx.idf.local, yy.idf.local, ...UIA works well and we have good informations on the PA with NETBIOS domaine nameshow user ip-user-mapping all:IDF\user1XX\user2YY\user3But with the g...

Panorama Log Collector - No Seq Num Acked

I have a deployment that has a pair of M-100s in HA and each of them has a full disk array that's split out into two separate log collector groups. It seems as if there's an issue of Panorama communicating to the collector devices that should be forwarding to the collector group. If I look at the local device I see:"'Log Collector log forwardi...

dmeier2 by Not applicable
  • 3235 Views
  • 3 replies
  • 0 Likes

Problem on Web Management Interface

Hi All,Our PA500 (PAN OS 5.0.4) recently behave unusual, sometime its kick user from web interface after log in for 10 or 15 minutes.The only error message that I received in the browser said "XML not responding".Further check in the logs I got this error :websrvr: Traceback (most recent call last):. File/usr/lib/python2.4/site-packages/masterd/...

URL Security Profile DENY not logging

Having an issue with URL filtering not logging the Streaming Media....BLOCKED. PA is allowing certain individuals based on Security policy and logging it to MONITOR. It also is blocking other users not allowed by the URL Security Profile, but not logging in MONITOR with a DENY ... Any Ideas? Thanks Jerry

Jshively1 by Not applicable
  • 2244 Views
  • 2 replies
  • 0 Likes

NAT Configuration: Need information

Hello everyone,I need confirmation on configuration.I attach a picture to this discussion.Can you confirm that the 2 first menstrual sufficient for the proper functioning of an email server in the DMZ (not to mention filtering rules)?Also, the first two rules can replace the last?Thank you in advance for your help.

URL Filtering - Error: Failed to get response from device server. Please try again later.

Yesterday our PAN started running very slowly i.e. lots of sites taking forever to start loading.I noticed on Dynamic Updates, for URL filtering I have this error listed:Error: Failed to get response from device server. Please try again later.If I disable URL filtering on my policies everything is working perfectly.Nothing has changed on the P...

Resolved! change application time out

Hisomeone did make modification on the time out defined in a application definitionis it the only thing to do, to modified the time out.or you have to create an application override to force this modification.thank's

Gregoux by L4 Transporter
  • 2176 Views
  • 1 replies
  • 0 Likes

Applipedia not up to date?

I've noticed the applipedia online does not contain the latest applications since the 376 update?Currently only seeing 1674 applications. Any ideas?

rds by L2 Linker
  • 2555 Views
  • 1 replies
  • 0 Likes

no wildfire log entry

Hello allI have been creating a antivirus profile with alert action for all decoder for antivirus action and wildfire action.but I tried to obtain some logs in wildfire log entrie. May be I didn't request the good file on the web? How could I proceed to populate the wildfire log entrie.thank you very much

Gregoux by L4 Transporter
  • 7780 Views
  • 15 replies
  • 0 Likes

Firewall Seems to Be resetting SSH Connections

HI,I have a problem with my Palo Alto firewall deployment were the firewall seems to be resetting all connections using port TCP 22 (SSH, SCP, SFTP). I have done packet captures on the ingress interface of the firewall and it shows as if the connection is being reset on the server side. However, packet captures on the egress interface show as if...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks