General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4126 Views
  • 0 replies
  • 0 Likes

What to do with Large Logfiles

I have two PA4060s and Panorama on our internet border. I need to retain logs of all outbound traffic for at least three months. After watching the log retention on Panorama for a couple of weeks and running the debug log-receiver statistics command, doing calculations from it, and by watching the amount of data stored and knowing the size of ...

djr by L4 Transporter
  • 4031 Views
  • 4 replies
  • 0 Likes

Resolved! Panorama Logging Backfill

I have had to upgrade both my firewalls and Panorama from 4.1.9 to 4.1.10 about a week ago. I updated the firewalls and subsequently cleared the logs for them, however, I failed to do that with the Panorama. Yesterday, I realized this important missed step and subsequently went to export the current logs. The transfer finished this morning and I...

dhill6 by L1 Bithead
  • 2579 Views
  • 1 replies
  • 0 Likes

Resolved! All user activity for last 30 days

Hello, I've done some searching and also have engaged support but I believe I've hit another black mark for our PA. Has anyone figured out a way to get all user activity for a certain frame exported? I need simply: user; Date/time; site visited (full url, not IP); bytes transferred. The user activity report only shows blocked activity for me, I need allow...

mlaporte by L1 Bithead
  • 3491 Views
  • 2 replies
  • 0 Likes

Resolved! Creating Custom Applications

Greetings, Am I missing something, when creating a custom application why can't I create my own custom category and subcategory? Also, I'm surprised PAN doesn't detect intouch (wonderware) as an application? thx, Bill

Wildfire Depth

The first question I have is how many layers will the file blocking inspect? For example, a zip in a zip has an exe that is malicious. If the PA doesn't inspect that far down wouldn't I be able to get through the firewall inspection? If the above is true and I am the security network guy that wants to block this behavior, could I set up wildfire ...

das by Not applicable
  • 3172 Views
  • 2 replies
  • 0 Likes

Resolved! IPSec VPN Proxy ID setup with multiple encryption domains on a policy based VPN peer

I need to establish VPNs from a PA5050 to Cisco devices where there are multiple encryption domains at the Cisco end. I understand using one proxy id on the PAN to match one encryption domain on the Cisco, i.e. connecting route based to policy based VPN devices. My question is how to set up multiple Proxy IDs from a PAN device to match multiple en...

pmcelwee by L0 Member
  • 10183 Views
  • 2 replies
  • 0 Likes

Issues getting ip-user mapping with probing error

Hello, I've got UI agent 4.1.6 configured on PanOS 4.1.9. We have around 3000 users and in agent we see only around 700 user-mapping count. In the logs we get the below error for a lot of IPs and I guess that's why we don't get all users. I've tried to disable WMI but still doesn't work. Has anyone experienced a similar issue? 2/22/13 08:17:29:688[ I...

vinesh by L2 Linker
  • 5557 Views
  • 3 replies
  • 0 Likes

miniduke

I got the question from the security dept to investigate miniduke. This was detected by Kaspersky Labs as an exploit of an Adobe flaw CVE-2013-6040. I don't find anything on PaloAlto about miniduke, or CVE-2013-6040

LucVdb by Not applicable
  • 1930 Views
  • 1 replies
  • 0 Likes

Report on attempts to access unsuitable content

Hi All, I have been tasked with creating a report that shows if a user has attempted to access or find a way of accessing unsuitable content. While I can obviously run a report on pages that have been blocked by the filtering system we want to see any attempts to try and access blocked content, such as certain keywords within search engines etc. A...

Resolved! Eicar and Palo Alto threat-db

First a question: Where and how can I see what is the default action for a particular threat, vuln or spyware threatid? Preferably from within the box itself... And now for an observation: I tried searching for eicar in the threat vault and obviously there are four different (?) eicars registered: 2739329 Virus/Win32.eicar-av-test.b 2459563 Virus/DOS.ei...

mikand by L6 Presenter
  • 4860 Views
  • 4 replies
  • 0 Likes

Resolved! Getting an application definition modified?

Folks. I have run into an issue with the way a specific application passes the firewall, and I need to put in a request to Palo Alto to have it modified. The application is Subversion, and when I set the firewall to allow only "application default" services, the firewall blocks connections because this particular installation is running off an Apa...

darren_g by L4 Transporter
  • 5148 Views
  • 5 replies
  • 0 Likes

URL Filtering - Continue Action on Terminal Server

Hi, I have a customer who has deployed a PA-2020 with 3 Terminal Server agents and this seems to be operating well with one exception. They have configured a URL filtering policy that has a Continue action on a number of categories. When a standard LAN user accesses these sites, the continue operation works fine. The problem is when a user on a Term...

Resolved! SSL Decryption on Apps.

Outside of SSH and SSL applications can anyone if there is a lookup in applipedia to tell whether the SSL decode applies to an application?

amansour by L4 Transporter
  • 2087 Views
  • 1 replies
  • 0 Likes

Is there a reason to hide hotfixes in Software Update?

I was curious to know if there was some prevailing notion as to why PA would keep the hotfixes hidden or at least not readily available from the Software section of the firewall itself. It is displayed where deployment without the hotfix is a very bad idea such as 4.1.8. But in cases like 4.1.7, where the PA tech informed us that we should abs...
