This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

Traffic on untrust interface - problem

I have a problem. I have 8Mb internet connections some of my servers are directly connected to internet (I have a switch connected to servers and PA200).Every day throught untrust interface are made backups of this servers. So the traffic on untrust interface dramatically rise from few Mb to about 100Mbit during the time where backups are made.I...

_slv_ by L4 Transporter
  • 3403 Views
  • 4 replies
  • 0 Likes

Resolved! Guidance in setting up ssl decryption - cert management

I am trying to get this setup for a customer and this is my first time setting up ssl decryption. The customer has SBS2011 so they do have AD CA. I created a domain cert for the PA and exported the root cert. I imported both of these into the PAN firewall. I set the PA cert as the forward trust and forward untrust and the other as a root cert. I...

SDorsey by L4 Transporter
  • 5570 Views
  • 7 replies
  • 0 Likes

Best Practices for Application Policies?

I was wondering if there is a best practices document for setting up a policy to control particular applications. I've already dug through the Skype tech document which tells to enable unknown applications. Are there any other applications that work better or require unknown applications to be enabled? To take it further, is there an application...

nugentec by L1 Bithead
  • 14876 Views
  • 19 replies
  • 0 Likes

SMB Fragment Packet Found(32332)

Hi,Anyone have experience of this firing off continuously for 'normal' LAN traffic (deffo not being used as an evasion technique) since the signature was modified (v337)?Cheers

apackard by L4 Transporter
  • 2204 Views
  • 1 replies
  • 0 Likes

VMWare series firewall

Just noticed a section of he help file for PANOS 5 which mentions a virtual firewall series from Palo Alto. Sure am interested in some more info....Bob

BobW by L4 Transporter
  • 1927 Views
  • 1 replies
  • 0 Likes

Yahoo Toolbar uses port 443. The application database on the PAN only looks for port 80.

Hi, I noticed my PAN is blocking connections from my client computers to the yahoo toolbar over port 443. After looking around in the database I noticed that it's only looking for this app to use port 80. Is there a way for me to add port 443 to this application. Or can PAN update their app database? How do I do about making this request?Thanks ...

Resolved! Problem with multiple Netflow profiles

Hello,I encounter a problem using multiple netflow profiles on our PA-500 running PAN-OS 4.1.8I have defined 3 different neflow profiles, each refers to a specific port on the same host.Each profile is assigned to exactly one physical layser 3 interface.The first profile delivers reasonable data to my flow receiver (Paessler PRTG Network Monitor...

lavision by L2 Linker
  • 5444 Views
  • 5 replies
  • 0 Likes

Block page and SSL

Hey all,So, we have a need to block everyone but a small AD group access to a couple pages. Now, we don't want to just "deny" them in the rule (we have a comfort page that promps them they are blocked and allows them to request access) - I don't want to see all those tickets about a site not loading. So, here is what I did:Rule 1 Allow: Anyon...

mrsold by Not applicable
  • 5773 Views
  • 6 replies
  • 0 Likes

Resolved! What is hidden locally on a device when being managed by Panorama?

When you configure a PA device to be managed by Panorama the first thing that (when you login through web-gui directly to the managed device) goes away is the contents of running-config.xml regarding address objects and security policies.These settings can instead be obtained by login through CLI/SSH and run "show config pushed".But what about P...

mikand by L6 Presenter
  • 5877 Views
  • 6 replies
  • 0 Likes

Resolved! Application = insufficient-data?

We have some outgoing UDP traffic that shows up in the traffic log with "insufficient-data" in the application field. The problem is that this traffic is being allowed through the firewall because it's being matched to a rule that allows FTP traffic through. What does the firewall mean by "insufficient data", and why does it think it's FTP traff...

ahopkins by L2 Linker
  • 21551 Views
  • 7 replies
  • 0 Likes

Alternative to sAMAccountname ,when using Ldap for Authentication

Hi,When we use to authenticate users through AD, we configure LDAP profile and in Authentication profile tab.We write "sAMAccountname" for attribute at this window.We want to change this attribute and we want users not to log in with just username; We want them to log in with username@domain or domain\username so What attribute should we use ?...

Resolved! Panorama license limit

Does anyone know if a customer owns a Panorama 25 device license and wants to add device #26, will it not allow them to add the 26th device or will it?Thx

jwolach by L4 Transporter
  • 7442 Views
  • 8 replies
  • 0 Likes

Threat exception for selected hosts

Hi,We have defined vulnerability group which consists of AV, Anti-Spyware and Vulnerability profile. The vulnerability profile is configured to block critical events and alert on high and med. I have a need to except few hosts which are alerting for SSH brute force (high). How do I achieve this? Assuming if I configure new profile group and poli...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks