This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4133 Views
  • 0 replies
  • 0 Likes

Resolved! GlobalProtect 1.1.7 Subject Alternative Name (SAN)

I'm reading the changes to default behavior with certicifcates in the new GlobalProtect 1.1.7 and I don't know what the Subject Alternative Name (SAN) point is referring to. I generate all the certicates from the PAN firewall for the GlobaProtect authentication setup. The Common Name is clear but where do I need to check the Subject Alternative ...

frypan by L0 Member
  • 3005 Views
  • 1 replies
  • 0 Likes

url field in cutom log format ?

Hi all,I'm trying to customize the log forward to my Syslog.In syslog server profile / custom log format / threat, I definitely not succeed in finding the right field where visited website urls are stored !If somebody have an idea ?Regards,Karl

Karl by L1 Bithead
  • 4756 Views
  • 6 replies
  • 0 Likes

Resolved! GlobalProtect, enabling ipsec from outside

Hi all,I am trying to enable Global Protect. So far I've been able to connect the client to the firewall successfully. However the remote VPN client cannot talk to inside hosts. But the inside hosts can ping the remote client.After troubleshooting, I found IPSec traffic is blocked at the outside interface (which blocks everything). When I enabl...

BTS_MS by L2 Linker
  • 4937 Views
  • 4 replies
  • 0 Likes

Resolved! Harddisk Diagnostic Run test

Hi All,Have you guys any experience to do harddisk diagnostic test on PA5020? if yes, how long i should wait? because i run the box almost 4 hours but till now no response from the box. there is no progress indicator so i dont know whether it still running or not.below is the last output. could i just stop it or must wait till finish?-------Rand...

el by Not applicable
  • 7487 Views
  • 5 replies
  • 0 Likes

False Positive Virus

We use Total Defense for an antivirus program. It appears that one of the executable (both the 32 bit and 64 bit versions) in the latest update is being flagged as a virus, Virus/Win32.WGeneric.bnrd, the other executable files are fine. When I look at the Data Filtering log for Wildfire I see it says that it was forwarded. But when I look at ...

rgreens by L2 Linker
  • 4878 Views
  • 3 replies
  • 0 Likes

Resolved! Problem with Captive Portal authenticated by User AD

Hi all,I got a problem when I use captive portal authenticated by user AD- First, I install Palo Alto User Agent on AD machine, this job worked fine. On the traffic log of PA, I saw User AD.- After that, I configure captive portal on PA and it works too, the user AD no need to login to Captive Portal (CP) and user not in AD must login via CP to ...

nguyenma by Not applicable
  • 5582 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple DMZ setup question

Hello,I'm looking to create 2 dmz's on the PAN as separate networks. This is how I have it envisioned and would appreciate any feedback.1. configure two layer 3 interafaces with GW IP assigned2. assign security zone to each interface3. attach each interface to existing VR4. route internal dmz address networks to each interface in VR5. set secur...

iguarino by L0 Member
  • 5348 Views
  • 3 replies
  • 0 Likes

Resolved! PA 500 cluster synchronization failure

Hello,I've a problem with a cluster of PA500 running PANOS 4.1.8.Config File synchronization is not working between members.After a config change is done on the master, the following error message appears in the log file of the passive member:HA Group 1: Running configuration not synchronized after retriesThe only way to sync is to move on the C...

licenselu by L4 Transporter
  • 7956 Views
  • 11 replies
  • 0 Likes

Applications within SOCKS

Hi,When deploying a Palo Alto inline between a client and a SOCKS proxy that client uses, will it be able to recognize the applications accessed over the SOCKS Proxy? Or will you only see the SOCKS application being used by that client?ThanksS

dinges by L0 Member
  • 5968 Views
  • 2 replies
  • 0 Likes

vLAN clarification & help

At my place of employment we've implemented a couple PAN-2020s in HA and have defined about 6 to 8 networks 1 attached to 1 physical port in a L3 configuration. We have cables running to a switch that each are untagged with different vLAN ID's (LAN = Default_VLAN, DMZ = DMZ_VLAN, etc). The vLAN'ing is done on the switch (HP ProCurve 2810-48G) an...

cmateam by L3 Networker
  • 5607 Views
  • 5 replies
  • 0 Likes

Single Mode Fiber GBICs ?

I need to purchase some Single Mode Fiber GBICS for my PA-4020's. They are really expensive. $750 a piece. Does anyone know if Cisco GBICS will work with the 4020s ? It's hard to justify spending thousands of dollars when I have a stack of Cisco SFP's in a storage closetThanks,Justin

jhickey by L3 Networker
  • 2820 Views
  • 1 replies
  • 0 Likes

Log file quota when is reach 100%

Hi,Can i know when the log space uses 100% of the quota, will delete the old log to recycle to space, or do PAN just delete portion of the log? if it only delete a certain percentage of the log , how many percent of it will be removed? or it delete the portion of log based on time?Regards,Alan

jeffhooi by Not applicable
  • 6734 Views
  • 5 replies
  • 0 Likes

How to disable App-ID for all applications

Hello, I've got two VWIRE pairs that see some duplicate traffic. Basically:VWIRE1 sees LAN to InternetVWIRE2 sees LAN+DMZ to Internet.What I'd like to do to free up some resources is disable inspection on one of those pairs for traffic when source IP matches a CIDR block. Creating a custom application doesn't work in this case.Has anyone been ...

abarnett by L0 Member
  • 7466 Views
  • 3 replies
  • 0 Likes

Resolved! Feature to test Firewall rule logic with test packets?

Im setting up some rules right now which 'should' just work as they are fairly straightforward.Is there a feature that will let me state a certain packet with certain info is comming in on an interface and the FW can tell me what rules it hits and what path it takes through virtual routers?I just want to see the flow of the packet through the fi...

choff123 by L3 Networker
  • 2895 Views
  • 2 replies
  • 0 Likes

Resolved! Since update problem with a particular site

Hi All,I have a rather strange thing happening. Tuesday this week I did the latest PA updates (Software, URL, Antivirus and The Application/threat). It all seemed to go fine, but I have been informed that since the updates our users are having problem with our ISP management site. Now there is nothing fancy about this site. It is all HTTP. Howev...

JRussell by L3 Networker
  • 5991 Views
  • 7 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks