This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Is it possible to configure Agent User ID or Firewall or not to map a user?

Hello everyone, I have a communication tool on each PC users that perform LDAP queries to my AD to retrieve information from other users.This tool is using the same account (\ ccm), explain how to Palo Alto or rather the agent does not back this user?The current problem is that in my logs all IPs of my users are raised with In User \ ccm name.Th...

Resolved! Where can I download db data (PAN-DB)

Hello~for the first time I use url-filtering from PAN-DB and OS 5.0.4so I have to choice regionsI've been living in koreaand so Does I choose APAC regions?If url-cloud choose APAC reginoDose PA Device perform update or searching on APAC URL Cloud?

Resolved! How can I check DB Cloud entries?

HiBrightcloud urls support 100million entries.We can check URL MP Entries in pa box>debug device-server bc-url-db db-infobut I can't find brightcloud entries from cli commnadIt seems that There is no cli command,,I looked up manual, brightcloud site, documents;;Ones did not specify any where;;Some body help me Cli or site, documents, etcI wil...

Modifying application threat levels

Greetings,I'm trying to sort out if there is a way in PAN OS 5 to either squelch known hosts from appearing in the ACC risk factor list (one is my web content filter, another set of hosts are my web load balancers) or reduce the risk factor for particular hosts (under application web-browsing / general-internet/internet utility/browser based for...

eDub by L1 Bithead
  • 3502 Views
  • 2 replies
  • 0 Likes

Resolved! Using application-default with application override

According to product help for application-default: The selected applications are allowed or denied only on their default ports defined by Palo Alto Networks. This option is recommended for allow policies because it prevents applications from running on unusual ports and protocols, which if not intentional, can be a sign of undesired application ...

nthen by L3 Networker
  • 10104 Views
  • 6 replies
  • 0 Likes

Virtual-Wire Link Aggreagaion

HelloI installed about virtual-wire link aggregation. (image1.png & image2.png)all members of 'ae1' are ethernet 1/3 , 1/5 , 1/7.all members of 'ae2' are ethernet 1/4 , 1/6 , 1/8.all members of 'ae2' was disconnected when I had removed ethernet 1/3. (image3.png)They was connected after 5 seconds.(image4.png)The device is enabled link state p...

Troubleshooting Shotetel Communicator over GlobalProtect

I am wondering if anyone has successfully setup Shotetel Communicator (softphone) using the GlobalProtect VPN client? I am working with a company who up until last week was successfully using the Shoretel Communicator through their Sonicwall's VPN client. Upon switching over to the Palo Alto with GlobalProtect, the softphone breaks. Soem func...

njoyzrd by L1 Bithead
  • 5365 Views
  • 5 replies
  • 0 Likes

Can anyone tell me how to get the botnet to display for a superreader?

We have a group that would like to review threats, including botnets... We have created accounts providing them superreader access but the botnet selection is not on the monitor screen...I also tried creating an Admin Role giving them ReadOnly access to everything when possible, Enable access to report items including Botnet but disabling Commit...

jraleigh by L1 Bithead
  • 2596 Views
  • 3 replies
  • 0 Likes

Related Logs in Traffic Log - no URL-Filtering?

Hi,isn't the "Related Logs" field in the details of a traffic log entry supposed to list logs from other logging categories like URL-Filtering or Data-Filtering as well? I only seem to get other traffic logs in the related log field. Example:* outgoing web-browsing is allowed, logging is turned on* URL-filtering is in place, logging is turned on...

User-ID and Windows clients running GPO's with another useraccount !

Hi ppl !We have a problem regarding User-Id and the security log from windows AD. Normally when the user logs in on a windows pc and connect to AD, the USer-Id and ip > username maps correct.The problem occurs when a "GPO" on the client starts up with system privilegies and another user account (administrator rights account). These gpo's run...

Multi Virtual system

On a production PAN device if I want to create a new virtual system but I didn't enable the multi virtual system capability option intially would I be able to create a new one with disrupting the production network. The reason I'm asking this is when you create a virtual system all your configurations are tied upto the virtual system name. If I ...

Resolved! "No matching record" in ACC after initialy using the PA-device

Hi, Today we start using the Palo Alto device. Being one of its beneficial features, the Application Command Center provides a quick Birdseye view upon network visibility. Initially, we could drill down into (eg) Top Applications, in order to find out the top ip sources. After some 6 hours, this fine grained information seems not to be availa...

wimjuste by L1 Bithead
  • 9523 Views
  • 10 replies
  • 0 Likes

Graphical traffic monitoring...

Hi,We have a PA500 box running 4.1.11 software.Formerly we used pfsense enjoying RRD graphing of traffic amount on the different interfaces. We display network information on a big monitor outside our office. Does anyone here use some thirdparty software to achieve this with PAN boxes? We don't need all the bells and whistles, and it should be...

Panorama Adaptive Objects

I have several PAN firewalls that I now manage individually and have recently purchased a Panorama appliance in the hopes of making it easier to manage common policies.We have two sites that will need identical rules but with different IP's referenced in the rules. I come from a background of using McAfee CommandCenter and in their terminology ...

cjr222 by Not applicable
  • 2960 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks