This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Resolved! Security Profile default actions

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"This is an unacceptable answer. Someone has the list - what's the secret? I'll bet it's even updated regularly.Come ...

dsinnott1 by Not applicable
  • 5988 Views
  • 5 replies
  • 0 Likes

Product sizing

hiwhat is the best way to size an appliance to find which model fits the customer network, is there a tool or a technique for it ? ..

u3974 by Not applicable
  • 3945 Views
  • 3 replies
  • 0 Likes

Resolved! Interface "attack" counters

Hi,With the command "show counter interface ethernet1/X" i see several counters related to different kinds of "attacks".land attacks ping-of-death attacks teardrop attacks ip spoof attacks mac spoof attacks I'm unable to find documentation or a desc...

torm by L4 Transporter
  • 3978 Views
  • 1 replies
  • 0 Likes

search traffic logs by vsys in CLI

Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.PA-1(active)> show log traffic action equal deny app not-equal not-applicable + csv-output cs...

Jinx by L1 Bithead
  • 2980 Views
  • 1 replies
  • 0 Likes

How do you allow Polycom (nat) via Palo Alto FW?

Hi,I'm having issue with configuring NATing for my Polycom unit sitting behind the firewall to work. I have allowed all the required apps for Polycom to allow outgoing and incoming. My issue is when I can only call out to another party with public IP but can't receive call from outside the network. I have both NAT rule for both ways in place....

akatev by L0 Member
  • 12252 Views
  • 15 replies
  • 0 Likes

Resolved! about certificate expired date

Hi All,Is there any way to custom certificate expired date that generate by paloalto itself ? I saw it on webpage that is too short, it only have six monthes.Thanks.Regards,Joy

Resolved! SSL decryption - Forward UNtrust certificate presented

Hello,We experienced a problem with a specific SSL encrypted site: https://panakeia.infoman.de/The original certificate is issued to "*.infoman.de" and was issued by Go Daddy (--> InfomanCert_Original.png). It seems to be perfectly valid but still our PA-2050 thinks different and presents our internal clients a SSL certificate issued by our "...

oschuler by L4 Transporter
  • 11570 Views
  • 7 replies
  • 1 Likes

Possibility of an IP in a physical interface and a subinterface ip in the same interface?

Hi all,I need to reassure me on a simple configuration.Is it possible to do this configuration?IP interface 1: a.a.a.a / xIP interface 1.10: a.a.10.a / xIP interface 1.20: a.a.20.a / xI ask this because I've seen a few configurations and whenever subinterfaces were used, there was no IP on the physical interface.Thank you in advance for your ret...

JS/Trojan.iframe virus?

Hello,I'm seen hits for the JS/Trojan.iframe virus only since last Wednesday or Thursday. Have seen them associated with three different websites. I suspect false positives. Anyone else out there just started seeing these? Was the virus definition modified last week?ThanksEric

schaleg2 by L0 Member
  • 5973 Views
  • 7 replies
  • 0 Likes

SSL VPN and iPhone OS 4.0

I was looking at the new specs for the 4.0 code of the iPhone OS, and saw that they were opening up the SSL VPN function to Juniper and Cisco.Any chance Palo Alto is working on a NetConnect app for the iPhone?http://www.apple.com/iphone/business/preview-iphone-os/

mharding by L4 Transporter
  • 40214 Views
  • 58 replies
  • 0 Likes

QoS for Microsoft Lync

We are starting the initial rollout of Microsoft Lync clients. Has anyone setup QoS for Lync on the Palo Altos? Any issues to look out for that anyone has run into? We have 6 sites that will eventually have Lync clients and I want to make sure the user experience is good. Any feedback would be appreciated. Thanks.Dan

dan_mc by L0 Member
  • 2967 Views
  • 1 replies
  • 0 Likes

Resolved! PBF for Torrent Traffic

I am trying to establish a policy to send all traffic based on bittorrent through a specific ISP.However, when I add any application under the destination application, I get the error: application 'bittorrent' is not an allowed keywordapplication 'bittorrent' is not a valid referenceI noticed that not all application are available to use in the ...

rsaber by L1 Bithead
  • 2535 Views
  • 1 replies
  • 0 Likes

Resolved! How real-time is User-ID?

Kind of as per the subject really. I'm interested in using User ID so that only authenticated users have internet access, but I'm not sure quite how "real-time" it is?Someone comes in and switches on a computer, logs onto the domain, tries to browse the web - will the Palo Alto know so soon that they are now the user logged onto a particular PC...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks