General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 194 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 877 Views
  • 0 replies
  • 0 Likes

Resolved! High rate on "flow_host_ha_encap_err"

Hi folks,

By chance (okay, we were troubleshooting another issue) we found a potentially strange issue on our active PA-2050 (there is a secondary (HA passive) PA-2050 in place as well).

1) We issue the following command on the prompt: show counter glo

...

oschuler by L4 Transporter
  • 6196 Views
  • 5 replies
  • 0 Likes

Resolved! New Java vulnerability, CVE-2013-0422, released 1/11/13

Hello all,

Just wondering if anyone might be able to tell me whether this vulnerability, CVE-2013-0422, is being addressed? And, if so, when could we expect to see a patch for this? Thank you!

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-04

...

u13987 by Not applicable
  • 3035 Views
  • 4 replies
  • 0 Likes

Wildfire questions

Ran a very quick and dirty test with Wildfire using a few malicious files I could find online. 2 out of 8 of these were judged "benign" by Wildfire (the 2 that were missed were very similar, so 1 out of 7 may be more accurate). Anyway, I know that no

...

mscox42 by L0 Member
  • 2208 Views
  • 1 replies
  • 0 Likes

Resolved! NAT to multiple https sites

It is possible to NAT to multiple internal https sites behind a single external IP address?  If so any guidance on how to create the NAT policy would be most apprecaited.

tjcarter by L1 Bithead
  • 6716 Views
  • 10 replies
  • 0 Likes

PA-500 dual internet connections

Hello all,

First post here!!

I have a PA-500 that I'm trying to add a second internet connection to and I'm running into an issue. The goal here is to keep the primary line (a bonded T1 solution) for corperate traffic such as VPN tunnels, remote connec

...

Resolved! Block DMZ specific URL

Hi dear,

I wanted to block from Internet a specific URL on our public
webserver that located on our DMZ:

We have a webserver on our DMZ example (https://toto.ourcompany.com) so we have
a policy that allow from Internet to access this webserver by SSL, wh

...

BSadozai by L2 Linker
  • 2939 Views
  • 2 replies
  • 0 Likes

Routing to the same IP address via different tunnels.

routing the same IP within a VR via 2 different ipsec tunnels, I currently have a primary tunnel and a backup tunnel built for a customer.  All traffic from this customer comes from the same PAT address to my firewall.  I have 2 static routes going t

...

cmoore50 by Not applicable
  • 2866 Views
  • 1 replies
  • 0 Likes

Resolved! intra-zone default

Hi,

Do we have an option to disable default intrazone-allow policy which is hidden.

thanks

panos by L6 Presenter
  • 6616 Views
  • 5 replies
  • 0 Likes

How do you duplicate a device group

Mite seem like a simple question, but it seems you can only clone/duplicate the security rules within the same policy you cloned/copied it from.  Im trying to create a new device group and use existing security rules from an existing device group wit

...

jessiea by Not applicable
  • 7188 Views
  • 5 replies
  • 0 Likes

How to logout users from CLI and Web UI

Hi was wondering if we can logout users who are authenticated from Radius and local database if we have super user permissions

Also will i be able to clear commit which is already in progress because if i stop a commit and try commit at a later time i

...

srikanth by Not applicable
  • 22813 Views
  • 4 replies
  • 0 Likes

Apps & Threat update link not visible

Hello Guys,

when I was about to update the latest Antivirus, Applications and Threats (Device>Dynamic Updates) of  the box, I noticed that the update link for Applications and Threats are not visible. I tried to restart the box but still the link did

...

Zone Assignment

In PanOS, how are the zones established for inbound rules?  I have a bi-directional NAT created for a device located in a DMZ.  I also have a security policy allowing traffic to the NAT address from the untrusted zone (Internet).  When traffic comes

...

jpvh1234 by L0 Member
  • 2639 Views
  • 1 replies
  • 0 Likes
  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels