This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4124 Views
  • 0 replies
  • 0 Likes

Dual power supplies

Dear All,We have more and more requests and complaints from prospective clients requesting dual power supplies on the PA 2xxx and upcoming 3xxx series. This is one of the first questions we get from many prospective clients, and the negative answer in this regard always starts off negotiations on the wrong foot. Most customers view the PAs as be...

Resolved! Problem with certificate after upgrading GlobalProtect 1.1.7

Hi everyboy.Up to now, I've had working a Globalprotect configuration, with only a Server Certificate, and it worked very well.After upgrading to version 1.1.7, I've received the message: "The paloalto.xxxxx.es certificate is not signed by a trusted certificate authority.". That is a problem for "no on demand" VPN connections, because you have t...

File Blocking, save file locally

Hello,With wildfire you can use a policy to send the files to the cloud, so that paloalto networks can analyze it.Is there a possibility to send the file to a an internal ftp or to save on the device?Thanks

aojea by Not applicable
  • 2686 Views
  • 1 replies
  • 0 Likes

Easily fooling App ID?

Recently I've seen some information posted on a forum and I was hoping someone could speak to this. Here is a quote:"I work as a security auditor and I've come across them a few times. The "application" is http (web) which is allowed from the client segment to the external one. The backdoor software mimics a regular web session, as per a user w...

tweaked2 by L0 Member
  • 11823 Views
  • 10 replies
  • 2 Likes

Default syslog string?

Would anyone by any chance know the "default" syslog string ie. with the parameters $path etc etc... Would be interesting to know to have something to start from instead of beginning, like now, clean... Br, Christian

criiser by Not applicable
  • 2344 Views
  • 1 replies
  • 0 Likes

Resolved! Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto

Moving from a Cisco ASA to PA-5020 Setting up a DMZ zone on the Palo Alto . There is suppose to be a tool to work with the existing cisco configuration to build a config for the Palo Alto any one used it or have a copy ?

dnagin by L1 Bithead
  • 2553 Views
  • 1 replies
  • 0 Likes

Resolved! How to include users directly belongs to OU (orgnisation unit) in include group option in LDAP group mapping for user id Agent,..?

Hi All,..We have installed User ID agent 4.1.5 showing ip to user mapping or traffic, now we are looking to place a user based policies but in AD users are directly belong to OU which we cant add in the include group option in group mapping.. is der any way to get user names in policies?Regards,Guru.

Gururaj by L4 Transporter
  • 2461 Views
  • 1 replies
  • 0 Likes

Resolved! On device in policies not showing user names, but in user-id agent we are able to see ip to user mapping.

Hi All,On device in policies not showing user names under the source user tab, but in user-id agent we are able to see ip to user mapping. PaloAlto device is connected to machine on which user-id agent has been installed. Is there any other configuration is required to get user names in policies ? Please help me.Regards,Guru

Gururaj by L4 Transporter
  • 4236 Views
  • 3 replies
  • 0 Likes

Resolved! 'infra-group: restarts exhausted, rebooting system' and Firewall REBOOTS random

Greetings Again,Off late I have been hit with quite a few surprises after the release of version 4.1.x. Now this is the latest one that surprises me. Over the last few months one of my customer's PA-2050 has randomly rebooted which obviously has a large impact on our users ( I was never told of these till today). The customer is presently run...

Source user not shown in some logs

Hello,I have developed a script that collects user-ip mapping from a wireless controller and send this info to User-ID Agent. All these looks fine because I can see the users in the User-ID Agent monitor table, but when I look traffic logs on Palo Alto I can see some logs do not have a user identification and other logs have it, for the same sou...

Resolved! Anyone having issues with cacti after upgrade to 4.1.8

Grettings, just wondering if anyone else is having any issues with cacti after upgrading to 4.1.8. All my graphs stopped working even though cacti is able to quere snmp just fine. After I downgrade back to 4.1.7 everything is working fine again. Thanks

pvaughan by L0 Member
  • 3531 Views
  • 2 replies
  • 0 Likes

Resolved! Responding to DMCA takedown requests

I'm a recent Cisco ASA convert. I'm in an academic environment so bittorrent (and P2P in general) is permitted. We get an occasional DMCA takedown request. Finding the culprit in the ASA world was pretty straightforward: grep the syslog for the NATed port and see if there was a match near the alleged infringement time. I'm having a difficult tim...

MCmgt by L2 Linker
  • 3492 Views
  • 4 replies
  • 0 Likes

Resolved! Re: show routing route destination output

Hi,Sorry I know this is an old thread but figured I'd ask here as my issue is the same... I am interested in finding the specific route in the route table that will be used for a specific destination network lookup. So I do "test routing fib-lookup ip 2.2.2.2 virtual-router default" command but the output only shows the interface that will be u...

Resolved! certificate import for using captive portal

Hello community,we have running a PA-500 with a captive portal configuration. This config was build up last year on a PAN-OS 3.1.7. We haved used Debian Linux with openssl to generate a key-pair and a CSR. To correctly import the certificate I had to convert the certificates in Base64 format and copy&paste the intermediate certificate on the...

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks