This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

no wildfire log entry

Hello allI have been creating a antivirus profile with alert action for all decoder for antivirus action and wildfire action.but I tried to obtain some logs in wildfire log entrie. May be I didn't request the good file on the web? How could I proceed to populate the wildfire log entrie.thank you very much

Gregoux by L4 Transporter
  • 7802 Views
  • 15 replies
  • 0 Likes

Firewall Seems to Be resetting SSH Connections

HI,I have a problem with my Palo Alto firewall deployment were the firewall seems to be resetting all connections using port TCP 22 (SSH, SCP, SFTP). I have done packet captures on the ingress interface of the firewall and it shows as if the connection is being reset on the server side. However, packet captures on the egress interface show as if...

Resolved! Throughput

Hi,Is there a way to get system statistics session output with API ?or just throughput value ?

Resolved! Basic fundamentals

Hi,Just have some queries on Palo Alto firewalls posting some questions. Help on these is much appreciated.pi1) How to initiate a ping from GUI2) As per my knowledge Vwire Sub-interfaces must be acquiring the properties from parent interface, and we need not configure the Vwire Object for Vwire Subinterfaces. But in PAN-OS 5.0.4 even for interf...

Captive portal doesn't show with Firefox

Is anyone out there having issues getting captive portal to show when using Firefox. All I get is a blank screen, the URL does not change to the redirect address and it appears to be stuck doing something. The environment is the following:* Firefox 16 with both Windows and Mac* Captive portal using redirect mode to IP address* PAN OS 4.1.7I ap...

victormg by Not applicable
  • 3580 Views
  • 2 replies
  • 0 Likes

Resolved! Push dynamic update through Panorama

Hi all,Does anyboby know if it's possible to either push dynamic (scheduled of course, don't want to do that manually every day) update from panorama to managed palo or configure palo for requesting their dynamic update to panorama ?of course palo don't have access to the Internet but panorama has.Think the second way should be the best solution...

VinceM by L5 Sessionator
  • 4556 Views
  • 5 replies
  • 0 Likes

Just skype

Hi,An environment like LAN - PAN - Proxy - Router - Internetis there a way to block everything but allow just skype.No web browsing, nothing allowed except skype.I tried some rules but skype couldn't connect.Thanks.

Palo Alto blocking Symantec Antivirus

My URL filter on my PA2050 is blocking https://143.127.102.40/mrclean as malware-sites. This is Symantec SEP talking to the Symantec cloud. A discussion of the URIs used by Symantec is located here: Clients connecting to an IP. | Symantec Connect Community This specific IP is one of these URIs.I've checked with Brightcloud, and they have t...

EdwinD by L3 Networker
  • 3040 Views
  • 1 replies
  • 0 Likes

cluster question

Hi,Device1 ActiveDevice2 PassiveWhen a failover happens...it takes about 7-8 timeouts(45 second) : device1 passive device2 activeWhen a failover happens again it takes about 1 timeout(good time): device1 active device2 passiveAny ideas ?Thanks.

SYSTEM ALERT: Version 5.0.5

Hi All,After upgrading to version 5.0.5 i have a strange thing....---severity: highopaque: HA Group 1: Peer version of 5.0.5 not compatible with the HA2 keep-alive setting; disabling HA2 keep-alive---severity: criticalopaque: HA Group 1: All HA1 connections down----Am I missing something?Regards,Alex

Oleksandr by L3 Networker
  • 4438 Views
  • 9 replies
  • 0 Likes

Resolved! M-100 Panorama Mode Collectors in HA

Probably an obvious question but the documentation doesn't seem to reference this directly...If I have 2 x M-100s in HA, by default they are in a state where the primary is listed within the "Managed Collectors". From what I understand the logs are not sync'd between the primary and secondary - only the configuration aspect of Panorama. With t...

dmeier2 by Not applicable
  • 3446 Views
  • 2 replies
  • 0 Likes

Resolved! Global Protect with Active Directory Accounts

Hello all,I have what might be a simple question. I want to authenticate to Global Protect SSL-VPN using my current Active Directory users. Do I need to have the User ID software installed on a domain server to do this? If thats needed for LDAP can one of the other server types do what I'm looking for with out the software on a server?I have a P...

jnunham by Not applicable
  • 4072 Views
  • 5 replies
  • 0 Likes

Resolved! Bi-directional NAT is still requiring a /32 static route

I have two VPN tunnels established with a vendor. 1 is in San Digeo and 1 is in Las Vegas. The subnet in SD uses 10.220.1.0/24 and LV uses 10.220.2.0/24. With both tunnels they want me to NAT my IP of 172.16.1.235 to 10.200.249.30. I have a NAT statement configured that says to NAT all traffic coming from zone Inside to zone VPN Tunnels comi...

nthen by L3 Networker
  • 5318 Views
  • 4 replies
  • 0 Likes

Run NetConnect and Global Protect concurrently on 4.0.12

I would like to run Global Protect and NetConnect on a 4.0.12 firewall.I have domain users and vendors that I would like to address separately pushing the GP.msi through Group Policy to the domain users and then hand holding the vendors.Then I could upgrade to 4.12.I want to run both GP and NC at the same time on 4.0.12.I see there is a trial li...

Resolved! HA PORT CONFIGURATION IN 4.1.12?

Hello world,I have done an upgrade of PA2050 cluster in 4.0.9 to 4.1.12. In 4.0.9 the link speed and duplex for HA PORT was forced.after the uprade in 4.1.12 I lost a lot of packet and when I tried to do a commit I had an error message. Commit failed because the HA PORT LINK IS NOT AUTO. I have changed the link port to auto and the issue was fix...

alle by L3 Networker
  • 3484 Views
  • 2 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks