This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4253 Views
  • 0 replies
  • 0 Likes

Wildfire Depth

The first question I have is how many layers will the file blocking inspect? For example, a zip in a zip has an exe that is malicious. If the PA doesn't inspect that far down wouldn't I be able to get through the firewall inspection?If the above is true and I am the security network guy that wants to block this behavior, could I set up wildfire ...

das by Not applicable
  • 3217 Views
  • 2 replies
  • 0 Likes

Resolved! IPSec VPN Proxy ID setup with multiple encryption domains on a policy based VPN peer

I need to establish VPNs from a PA5050 to Cisco devices where there are multiple encryption domains at the Cisco end.I understand using one proxy id on the PAN to match one encryption domain on the Cisco, i.e. connecting route based to policy based VPN devices.My question is how to set up multiple Proxy IDs from a PAN device to match multiple en...

pmcelwee by L0 Member
  • 10260 Views
  • 2 replies
  • 0 Likes

Issues getting ip-user mapping with probing error

Hello,I've got UI agent 4.1.6 configured on PanOS 4.1.9.We have around 3000 users and in agent we see only around 700 user-mapping count.in the logs we get the below error for a lot of IPs and i guess that's why we dont get all users. I've tried to disable WMI but still doesnt work.Have anyone experienced a similar iissue?2/22/13 08:17:29:688[ I...

vinesh by L2 Linker
  • 5597 Views
  • 3 replies
  • 0 Likes

miniduke

I got the question from de security dept, to investigate miniduke.This was is detected by kaspersky labs, as an exploit of an Adobe flaw CVE-2013-6040I dont' find anything on PaloAlto about miniduke , or CVE-2013-6040

LucVdb by Not applicable
  • 1952 Views
  • 1 replies
  • 0 Likes

Report on attempts to access unsuitable content

Hi AllI have been tasked with creating a report that shows if a user has attempted to access or find a way of accessing unsuitable content. While I can obviously run a report on pages that have been blocked by the filtering system we want to see any attempts to try and access blocked content, such as certain keywords withing search engines etc.A...

Resolved! Eicar and Palo Alto threat-db

First a question:Where and how can I see what is the default action for a particular threat, vuln or spyware threatid?Preferly from within the box itself...And now for an observation:I tried searching for eicar in the threat vault and obviously there are four different (?) eicars registered:2739329 Virus/Win32.eicar-av-test.b2459563 Virus/DOS.ei...

mikand by L6 Presenter
  • 4930 Views
  • 4 replies
  • 0 Likes

Resolved! Getting an application definition modified?

Folks.I have run into an issue with the way a specific application passes the firewall, and I need to put in a request to Palo Alto to have it modified.The application is Subversion, and when I set the firewall to allow only "application default" services, the firewall blocks connections because this particular installation is running off an Apa...

darren_g by L4 Transporter
  • 5219 Views
  • 5 replies
  • 0 Likes

URL Filtering - Continue Action on Terminal Server

Hi,I have a customer who has deployed a PA-2020 with 3 Terminal Server agents at this seems to be operating well with one exception.They have configured a URL filtering policy that has a Continue action on a number of categories.When a standard LAN user accesses these sites, the continue operation works fine. The problem is when a user on a Term...

Resolved! SSL Decryption on Apps.

Outside of SSH and SSL applications can anyone if there is a lookup in applipedia to tell whether the SSL decode applies to an application?

amansour by L4 Transporter
  • 2124 Views
  • 1 replies
  • 0 Likes

Is there a reason to hide hotfixes in Software Update?

I was curious to know if there was some prevailing notion as to why PA would keep the hotfixes hidden or at least not readily available from the Software section of the firewall itself.It is displayed where deployment without the hotfix is a very bad idea such as 4.1.8.But for in cases like 4.1.7, where the PA tech informed us that we should abs...

Palo Alto Vmware image

Hi,I am planning to replace my company's firewalls with Palo alto instead of Checkpoint however I need try it out in a lab or something before I provide further information to my management team, Is there a way I can get a vmware image to try it out on Esxi,???Thnx Krishna

Krishna by Not applicable
  • 3451 Views
  • 3 replies
  • 0 Likes

Resolved! 5.0.2 upgrade question

I want to upgrade from 4.1.7 to 5.0.2, I am currently running Global Protect v1.1.6.. and pan agent user-id agent v4.1.4-3. Can I perform the upgrade without updating the GP client and user-id agents?

rrau by L3 Networker
  • 2844 Views
  • 2 replies
  • 0 Likes

BGP Dampening Profiles

All,Does anyone know the CLI command to use to view the dampening profiles status on flapping routes? There looks like a way to clear the status with clear counters bgp ... but I cannot find the available show command.Thanks in advance,Jason

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks