This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Resolved! SSL Decryption: Clarification With Regard to Use of Wildcard Certs and Forward Proxy

The admin guide and online help are a bit thin here but lots of good info through this resource. One document seemed to indicate that ssl forward proxy (decrypting my client traffc for inspection on it's way "out") only worked with a self-signed cert or an internal trusted cert. In other words, I either generate one on the device and distribut...

Is wildfire mistaken? false negative?

Hello,i'm testing wildfire at the moment.We had a security incident on a corporate notebook there were a lot of dropped "ZeroAccess.Gen Command and Control Traffic" in the thread-log.We scanned the laptop with different virus/spyware scanners and found a file which i'm uploaded to wildfire and virustotal.Wildfire says it's Benign.Virustotal with...

Alarms on the PAN

How do get alarms to work on the PAN device. I have gone in to Device --> Alarms and set security violations threshold to 1 and the time period to 3600. However, I do not get any alarms. How does this work exactly. I can set a "security violations threshod", but what exactly makes up a security violation?

TomH by L1 Bithead
  • 2679 Views
  • 1 replies
  • 0 Likes

Resolved! Using User-ID v4, how do I exclude users in certain groups?

In the old style v3 user-ID agent, I could exclude certain groups of users from being mapped. How do I do so in v4?Background :We have certain users in a department group "Infosys" who are being blocked from web browsing. It turns out they're launching an MS tool under administrative credentials and user-ID is matching their IP against this new ...

broadleyn by Not applicable
  • 6202 Views
  • 6 replies
  • 0 Likes

SSL decryption, which version of SSL is used ?

All,We have implemented SSL decryption for a customer. The certificate used on the PA is the same as on the server.Our systems are scanned weekly by Qualys. One of the vulnerability is the following:1/ SSL Server has SSLv2 Enabled VulnerabilitySolution:Disable SSLv22/ SSL Insecure Protocol negotiation weaknessSolution:OpenSSL has released new ve...

loosj by Not applicable
  • 3099 Views
  • 2 replies
  • 0 Likes

Resolved! Timed Report

Hi,How can we generate a custom report with a start and end time in it?Pleas help.Thanks,Rex

policy-based ipsec vpn

i want to configure policy based IPSec vpn , in the administration guide i can see the steps for route-based IPsec VPN using tunnel interface , and directing the interesting traffic through the tunnel interface , nut i want to configure it without tunnel interface

Building a custom signature

Hi there,I have some DVR CCTV cameras on some other sites that I need to be able to view within my network behind the PA box. At the moment I have been able to get them access by doing a security rule allowing access from certain users/IP's to the IP addresses of said DVR's onsite. However, I have not been able to lock these down very much. At t...

JRussell by L3 Networker
  • 2390 Views
  • 1 replies
  • 0 Likes

Resolved! How to unblock "Virus Download Blocked"?

A client want to download a exe file from a bank website to log into its online banking system, however she got the following message after she clicked download link "http://www.cmbc.com.cn/download/民生个人网银安全控件.exe".Is there anyway to unblock the specific exe file in PAN?The software version is 4.1.7.Virus Download BlockedDownload of the virus ha...

yq by L0 Member
  • 12589 Views
  • 2 replies
  • 1 Likes

Resolved! URL Filter - Block one and log the rest

On a PAN with no BrightCloud license, you can still use the URL filtering "Block" and "Allow" lists. Right now I use that feature to have a "log-all" URL filtering policy where I have "*" in the block list and an action of "alert." But now I have one (or it could be a short list) of URLs that I want to really block, i.e. an action of "block." Ho...

cosx by L2 Linker
  • 3977 Views
  • 3 replies
  • 1 Likes

Exporting Security Policies

One of our PCI Compliances is to have a record of the firewall rules, and review them once every six months. My Director likes to have them in a Excel Spreadsheet. Since the beginning, we have went from 79 policies to just about 200 policies, and copy and pasting them into Excel is beginning to become cumbersome. Is there there something I am mi...

mharding by L4 Transporter
  • 4442 Views
  • 2 replies
  • 0 Likes

Resolved! OSPF A/P HA Config with Floating Static Routes

I am trying to understand the sample OSPF Active/Passive HA configuration outlined in Tech Note: How to Configure OSPF https://live.paloaltonetworks.com/docs/DOC-1939 . The problem I have is with the floating static routes defined on upstream and downstream routers intended to reduce failover times. Floating static routes are described in s...

oshcomp by Not applicable
  • 5740 Views
  • 1 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks