This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

AD Groups in Firewall Policy - Inconsistent Behaviour

I have two issues with managing firewall policies when using AD groups; running 4.1.7 - so am using the 'on-hardware' group retrieval rather than the PAN Agent.1) When adding new groups to be mapped they do not appear in the GUI i.e. cannot be selected for a policy from the 'drop down' selector. This will usually fix itself after a random amoun...

apackard by L4 Transporter
  • 3966 Views
  • 4 replies
  • 0 Likes

Resolved! Puffin Browser: Bypassing Filtering policies (big loop hole may be ??)

Greetings,I was pleasantly surprised when I got to know that I can download Puffin Browser as an app on mobile and tablet devices and browse my way through to otherwise blocked websites / denied applications. Just to confirm what I did:1. Created a Security policy (IP address based and not User based) "Puffin Browser Test" for my iPad and allow...

Resolved! How to cancel screen output in CLI ?

Very silly question, so I apologise now..How do you cancel the screen output in CLI... for example I show the running configuration, there's about 500 pages of it, and I dont want to sit mashing the space bar for 20 minutes!I've tried all the usual suspects, ctrl+c, esc, etc... and I had a scan through the CLI user guides.....I couldn't find any...

Dpeters1 by L2 Linker
  • 5426 Views
  • 2 replies
  • 0 Likes

Production Code Recommendations

I am getting ready to move two 5050s into production and would like to know what release code to start with based on your recommendations. I assume that 4.1.10 would be the best choice, but 5.0 has been out for a little while now. I normally wait for about 4 or 5 releases before moving to the next revision. Thanks for the info.

Best Practises from a Performance perspective.

Hello Everyone,Could someone shed some light on configuration best practises that can optimise performance from GUI , Security rule processing etc ?For example , I was told that using a App Group with a large number of Apps to whitelist might have an adverse performance impact , instead it is better to use App filters as much as possible. And wh...

Resolved! URL Filtering in Panorama

Hi All,why URL Filtering version in Panorama always shows as "0"?Where is URL Filtering database stored? I found that unlike normal PA box, there is NO URL Filtering schedule can be set in Panorama -> Dynamic update, are they related?

TerryYau by L0 Member
  • 2546 Views
  • 1 replies
  • 0 Likes

Resolved! Are PA-devices affected by the packets of death?

For more information see Not Just AstLinux Stuff: Packets of Death and http://www.kriskinc.com/intel-podhttp://sourceforge.net/p/e1000/bugs/119/?page=3 might be related aswell.In short, a magic combo in packets will make the nic go completely offline. Only a powercycle (reboot will not help) will bring it back online (nice DoS capability). Seems...

mikand by L6 Presenter
  • 3791 Views
  • 5 replies
  • 1 Likes

What possible reason cause MP CPU higher after integrate with Panorama

Hello,As this article's title, I setup a Panorama to collect the logs from a PA-2050.But, when I complete the integration between Panorama and PA-2050, the CPU percentage of Management Plane become higher.Before the integration, the MP CPU is lower then 15%. One month later, the average keeps about 59%, sometimes higher then 60%.But I check the...

File "Block" page showing when file "Block and Continue" set

I have an issue where I have set a 'Continue' action in a file download profile, but the file Block page is being shown instead.There is a article on here saying to reset the relevant Response Page setting, but that does not work as the page being shown is still the Block page (and when exporting the HTML from the Response Page tab it shows that...

apackard by L4 Transporter
  • 5250 Views
  • 5 replies
  • 0 Likes

Block-ip action for blocking brute force ssh doesn't seem to be working

We've been noticing that we are getting quite a bit of brute force ssh attempts on our system, so we decided tonight to put in a rule that blocks those attempts. I took one of our existing policies that just logs everything, and added an exception that would block ssh brute forcing. Originally the action we set was block-ip, and we set it to blo...

Landon by L1 Bithead
  • 8032 Views
  • 8 replies
  • 0 Likes

PA200 with DSL (Dynamic DHCP Client) causing slow web browsing and "incomplete" application in traffic monitor

Ever since I put my PA200 inline at my house, my internet has been running really slow.In troubleshooting, I learned about the "More Runtime Stats" link in the virtual router. I needed this info to determine what traffic should be considered "interesting" and routed through the SSL VPN to create split tunneling for remote access.Because s lot o...

cindyb by Not applicable
  • 3882 Views
  • 1 replies
  • 2 Likes

Resolved! there is a way to log with alert when using a cat in TAB "Url Category"?

Hi,All my URL profil is config with ALERT instead of allow. So i log any URL block or accept.But the problem is im not able to ALERT if i unblock or block a category under policies TAB name "URL Category".I have no choice, my rules are set in this way. I have a default URL profil that give access to most of the category.But i have some sepcifi...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks