This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

wildfire and security policy - problem

I have enabled wilfdire protection on polisy for NAT (also antyvirus/antyspyware/Volnerability).From time totime I get email with information that someone from my network downloaded some files infected ie. by malware.Until now I think that this file was blocked by PAN.Today I tryed (just for test) download file from link from that email (storage...

_slv_ by L4 Transporter
  • 7862 Views
  • 5 replies
  • 0 Likes

Blocking a site hosted malware

A new "parked domain" company and come to surface, and they seem to own a LOT of domain names, none of which brightcloud has correctly classified as "parked domain". The server in question is hosting a piece of malware called seedabutor.b. Our AV is catching it, but I'd love to just block the whole server instead of handling this each time I s...

cenders by L3 Networker
  • 2958 Views
  • 2 replies
  • 0 Likes

Resolved! Virus install high CPU on Active, not standby?

Hi.Configuration : 2 x PA2020, Active/passive, running 4.1.11, trying to install AV release 957-1328I noticed today while pushing a virus definition update that the active node in my active/standby takes an absolute age to install/update, with the management CPU running at 100% for most of the process, but the standby node not only finishes fast...

darren_g by L4 Transporter
  • 2395 Views
  • 1 replies
  • 0 Likes

Resolved! Can I get all managed devices to show in Panorama Maps?

Do anyone out there know if it is possible to display all managed devices in Panorama in either the Threat or Traffic Maps?We have branch firewalls in locations all over the country and it would be nice to see which were getting hit with more traffic or threats in a visual manner.

test security-policy-match

HiSomebody help me write command test security-policy-match....... which WORKS and search that rule: VIP-TEST { from zone-v586; source any; source-region any; to zone-v8; destination 192.168.81.81; destination-region any; user cn=net_vip-test,ou=paloalto,dc=domena; category any; ...

Wbm by L2 Linker
  • 5802 Views
  • 6 replies
  • 1 Likes

Resolved! PAN-OS Upgrade with HA

Has anyone found a really good tech note that goes over performing a PAN-OS upgrade on an HA pair? Both Active-Passive and Active-Active?

cindyb by Not applicable
  • 4407 Views
  • 2 replies
  • 1 Likes

Resolved! Mgmt Plane Always high CPU

I have a PAN fw at a client site that always has the mgmt plane cpu at 100%. The data plane CPU barely ever goes above 10%. Is there an easy way to troubleshoot the cause of this or what is taking up so much CPU usage?

SDorsey by L4 Transporter
  • 10755 Views
  • 10 replies
  • 0 Likes

Has anyone taken a look at panug.com ?

I stumbled across a site that I think aims to be similar to https://www.cpug.org - sort of the community's independent forum where discussions about Palo Alto can take place. Kind of a neat idea, but I'm not sure how much community momentum it has.Check it out: http://panug.com

Resolved! Can't download GP client from the portal

We are setting up GP for SSL VPN. For testing purposes , we have created a local db account on the box and setup GB. The portal comes up and when u log in , u never go beyond the login page . It keeps trying to connect and never does . It eventually times out . This is for external users connecting through the public IP . Users on the corporate ...

usvi by L3 Networker
  • 3943 Views
  • 4 replies
  • 0 Likes

Certificate for Secure Web GUI creation

HelloWhich attributes shall an external CA certificate have to be accepted as a Secure Web GUI Certificate?I have imported one, but SSL Management doesn't work with it. These are its attributes: Version: 3 (0x2) Serial Number: 15:28:3b:46:00:00:00:02:38:da Signature Algorithm: sha1WithRSAEncryption Issuer: DC=in...

Best practice for OWA and OMA

HiI'm getting rid of our old ISA server which we used to expose OWA and OMA and want to use our PA-500 to allow domain users access to OWA and OMA (for their iPads etc).I've noticed that the application 'Outlook-web' is used for OWA and its dependancies are SSL (understandable) and Web-Browsing (not so understandable but it must be needed otherw...

TDC by L1 Bithead
  • 5506 Views
  • 4 replies
  • 0 Likes

Commit Error (sslvpn)

Hi,I am recieving the following error when issuing a commit,Management server failed to send phase 1 abort to client sslvpnManagement server failed to send phase 1 to client useriddCommit failedThe only change in configuration is adding new local users which are used for global protect.I am running 5.0.1Regards

rsaber by L1 Bithead
  • 5202 Views
  • 4 replies
  • 0 Likes

Inbound SSL Decryption and monitoring

Hello,I'm trying to setup inbound SSL decryption. It is a pretty basic setup. Two layer 3 interfaces on a PA-500. One interface is in an 'Outside' zone, the other is in a 'DMZ' zone. In the DMZ zone is a web server with a signed SSL certificate. The PA is NATing the server in the DMZ to the appropriate address space Outside.I have imported th...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks