This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4115 Views
  • 0 replies
  • 0 Likes

is it possible to export firewall rule only??

Hi all.Is it possible to export security policy with CSV, PDF or txt format?? I can’t find any export menu only for firewall rule.If it is possible, is it able to modify that exported firewall rule??And then is it possible to import modified firewall rule to PA device?? Customer wants to review their firewall rule with readable file format.Of co...

willstech by L3 Networker
  • 12898 Views
  • 19 replies
  • 0 Likes

Lot of 'insufficient-data'

Hello,We see a lot of 'insufficient-data' traffic on our firewall and we couldn't find any reason so far. Does anyone have a good idea on how we can troubleshoot the issue?If we click on the insufficient-data bar we get redirected to the ACC but it doesn't show much there...Thanks,Oliver

oschuler by L4 Transporter
  • 8525 Views
  • 6 replies
  • 0 Likes

CNSE Anyone?

Just wondering if anyone out there has done the CNSE and can offer any advice regarding recommended reading etc?Thanks

brownn by L0 Member
  • 15726 Views
  • 27 replies
  • 1 Likes

DMZ Setup

I'm in a position where I need to move a device that is currently inside my network to a DMZ on my Palo 2050. Which puts me in a position where I need to create a DMZ on my Palo. Does PA have a good document for creating a DMZ? I haven't been able to find one searching the forums.

interface failover on PA500

Since link aggregation (LACP or etherchannel) is only supported on PA4000++ I want to build a simple interface-failover / interface-group setup (like any other enterprise firewall allows even on low-end devices).groupTo do this I would do the following:1. change interface mode to Layer2 on both interfaces making up the interface-group2. create a...

ctr_ts by L1 Bithead
  • 3970 Views
  • 1 replies
  • 0 Likes

Resolved! Does WildFire work in "Tap" mode?

We have had WildFire turned on for almost a week. In the Data Filtering logs, it has "forwarded" numerous "PE" files and only 1 "PE" file was logged as "wildfire-upload-success". That 1 file happened to be coming through the interfaces that are set to Virtual Wire. All of the other files that say "Forward" are coming through "Tap" mode.1) Can...

jambulo by L4 Transporter
  • 5380 Views
  • 3 replies
  • 0 Likes

ssl-vpn and IPsec tunnel Palo Alto with Check Point

Hello all,I'm hoping that somebody may be able to answer a few questions I have about the configuration of Palo Alto firewalls please?I want to set up two differents VPN, one ssl-vpn and one IPsec, i do this because i want to conect to my firewall from wherever place (ssl-vpn) and the second one to conect to another firewall from other networks ...

is it possible to add a CA in PA device?

Hello there. I have a question related to CA for SSL client. Customer has a certificate which issued by Trusted Root CA, but this trusted root CA is not contained in an ssl client's browser.And then, the customer certificate was issued by this CA.So, customer wants to distribute a CA of customer for all SSL VPN clients to avoid ssl certification...

willstech by L3 Networker
  • 3623 Views
  • 4 replies
  • 0 Likes

Resolved! Administrator login alert

Hello -I'd like to create an alert to notify me whenever an administrator logs in to our firewall. Any thoughts/suggestions as to how best to do this?Tnx, Tom

TomS by L1 Bithead
  • 2836 Views
  • 1 replies
  • 0 Likes

Blocking darknet hits

Is it possible to implement a darknet on PAN OS 4.1? I have a number of publically addressable subnets that aren't in use and I'd like to block all traffic, for some period of time, from Internet-based hosts who hit those subnets. I currently have rules in place to drop traffic to those subnets, but I'd like to take the additional action of bl...

dhamlin by L0 Member
  • 3603 Views
  • 3 replies
  • 0 Likes

FQDN address object resolution (multiple IP's)

HiCan't seem to find more information besides the Administrator's guide v4.1 on this. I have two questions on this (FQDN address objects):1) Security policies using a FQDN address object works great. Tested it by blocking access to certain websites. How does this method of blocking a website compare to using a custom URL profile?2) Another quest...

Quinton by L3 Networker
  • 12914 Views
  • 5 replies
  • 0 Likes

GP agent without auto starting services

Hello PAN,Some of our users has a GPAgent on their private computer in case (very rarely) that they suddenly need to be able to connect to the company.For such users - the automatic starting of the services are *extremly* annoying and disturburbing for them (and other family members) and unfortunately this happens even iff the agent is in on-dem...

sitecore by Not applicable
  • 2283 Views
  • 1 replies
  • 0 Likes

hard disk specification??

Hi all.I’d like to know hard disk specification of every each PA appliances (include PA 5000 series). What I want is a below. hard disk size Number of hard disk HDD RAID configuration level Also let me know, if you have more useful information about HDD. Thanks. Eugene.

willstech by L3 Networker
  • 8083 Views
  • 13 replies
  • 0 Likes

Panorama Issues

I'm trying to migrate my devices to Panorama, and am having a few issues.1) I cannot switch to Brightcloud URL filtering, I get the following message:Server error : Successfully set URL database to 'brightcloud'.Failed to read 'brightcloud' categories. Please restart the device for changes to take effect.Rebooting the server from the GUI doesn't...

Application limit when pass FW

Hello every one . I try to implement PA-500 on PAN-OS 4.1.6. Then I configure 2 security policies. 1. security policy for deny bittorrent from both direction (Trust and Untrust zone) . 2. security policy for allow all traffic both direction but enable AntiVirus, Spyware, Vulnerability and URL filtering on alert.My environment for imple...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks