This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

How to log traffic based on FQDN objects ?

Hello,The traffic log feature is pretty usefull, however when using FQDN objects it becomes very tricky to identify traffic logs. Indeed, I use a lots of groups of FQDN objects, and even groups of groups of FQDN objects. And the traffic logs doesn't display the FQDN but only source and destination IP addresses...Is there a way to display the FQD...

ldormond by L3 Networker
  • 9591 Views
  • 4 replies
  • 0 Likes

C

Does anyone got working credit card regex, as the one listed above is not working plus anyone know how to restrict one credit card transaction over another.

Detecting a lot of spyware, 13190 (Smoke.Loader Command And Control Traffic)

I have a user that's triggering this alert frequently when doing normal Internet browsing. Some detections are to bbc.com and other news outlet sites.. Nothing obvious comes up when analyzing the computer, so I was wondering if I could find out exactly what this signature is looking for. I already checked the Threat Vault and it only provided...

mfcuns by L0 Member
  • 2716 Views
  • 2 replies
  • 0 Likes

Resolved! Blank Threat Description

I'm running Panorama 4.1.6 and am getting threat entries in the logs with no name/description (the attack id is simply repeated in the name field).This is mainly for custom threats (they do include real names and descriptions in the custom objects), but I also have some 'factory' signatures - viruses - doing the same.My Threat/App packages are a...

apackard by L4 Transporter
  • 4548 Views
  • 5 replies
  • 0 Likes

SIP/RTP + NAT - One way audio

Hi all,We are facing difficulties with a plain-in-to out and out-to-in NAT which is configured as described below:- Private to public - Public to private for ports 5060 an 9000-9049 UDP with the PBX address as destination.For some reason SIP signaling works fine, but the incoming RTP stream doesn't come through. The firewall was tested even with...

bsanders by L2 Linker
  • 18876 Views
  • 13 replies
  • 0 Likes

Can't Get AD groups to be used as user authentication

We are running 2 2050 firewalls running 4.16 software and 2 user agents running 4.1.0-43 code. When i try to limit a policy by an AD user name it works fine. However if I want to user a AD group name it wont hit the rule if i put in the user as a group. What am i doing wrong.SoMYAD\mcarlton will work for a user on a policy butMYAD\cooladmin...

mcarlton by L0 Member
  • 3748 Views
  • 2 replies
  • 0 Likes

Resolved! SFP vs SFP+

Anyone know if a 1Gb SFP module will work in a SFP+ slot on a 5050 / 5060? If so, any caveats?

dmcgee by L0 Member
  • 4460 Views
  • 2 replies
  • 0 Likes

Capture Gmail Username

Hi,I am about to finish an evaluation with a customer.He just shared with me a specfic requirement which would make him choose Palo Alto over competitors :Gmail must be allowed, but it must be possible to capture the username used to login to gmail.I have set up Outbound SSL Decryption, however i am struggling with Data Patterns :Normal regex wo...

Resolved! Captive Portal logon - Is it possible to disallow a user logging on from multiple devices?

Hello all,We are in the process of setting up a Captive Portal. All works fine. When a user is member of a defined AD security group, she can log on to the captive portal on a device (Mac, PC, iPhone, Android, etc), which opens the way to be able to browse the internet from that device.The user can log on to various machines at the same time, wi...

bsanders by L2 Linker
  • 4310 Views
  • 3 replies
  • 0 Likes

Monitoring throughput

Hi @all,in the cli I have an option to monitor the throughput via "show system statistics". Is there a way to monitor the firewallthroughput from external devices via snmp?Robert

how can i block site by category and user group

Hi there,I have some questions regarding on how to block URL category and by user group.the box is PA-2020 and when I block the social-networking with the source user is by group it wont work.When i look on the CLI the user group is <XXXX>.org but on the gui of the paloalto under user it only appears different group YYYY.orgbox configurati...

aldwine by Not applicable
  • 1948 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Client connecting issue with Mountain Lion

We have updated some Macbooks to Mountain Lion and the connecting process take's about 10 Minutes now. Is there a workaround or will there be a fixed client when PAN-OS 4.1.7 will be released?We have a PA-500 HA Cluster using PAN-OS 4.1.6 and GlobalProtect client 1.1.5-5.

dkngroup by L0 Member
  • 4805 Views
  • 4 replies
  • 0 Likes

Resolved! UserID Agent - Required User Rights

HiI'm in the process of implementing the UserID Agent into a Windows 2008 DomainMy goal is to have a single user in the AD for all features required by PaloAlto.So I created a "panagent" user and added it to the "EventLog Readers" group, so it has access to the event logsI the configured the Agent to use this user in it's service settings to sta...

u13550 by L3 Networker
  • 8158 Views
  • 2 replies
  • 1 Likes

GlobalProtect without license on 4.1.1

I have a problem with global protect without license i have configured it as in tech notes says, but when i commit i get the following message.•Warning: No valid GlobalProtect portal license!(Module: useridd)When i launch Global Protect Client it not connets.In GlobalProtect Client I get the following Logs.(T4988) 01/13/12 15:36:45:998 Error(808...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks