This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

Resolved! Internal route problem

Had a question about internal routing.We have eth port assigned to a trust network which is a 192.168 network. We also have a Avaya VoIP PBX that is vLan'd on this network and the routing is managed on an internal core switch to access this network. In our single virtual router I have a route for the 192.168.0.00/16 with next hop to the Gatewa...

cmateam by L3 Networker
  • 4948 Views
  • 3 replies
  • 0 Likes

VWire

I have configure a 2050 in a vwire configuration can I still utilize layer3 on the device. From what I have been reading if I configure PAN device for vwire then the device cannot due any layer3 funcationality.

snormoyle by Not applicable
  • 2617 Views
  • 2 replies
  • 0 Likes

SMTP traffic mis-classified as FTP ?

The other day we discovered that our SMTP server was unable to send email to the silvacom.com domain.The problem was traced to our PAN rule which allows only SMTP traffic to eminate from our email server, on the application-default port. All attempts to deliver email to this domain, however, were being seen by the PAN as FTP traffic on TCP port ...

KGC by L3 Networker
  • 4161 Views
  • 3 replies
  • 0 Likes

amount of traffic before "unknown application" is determined

Hi,my questions deals with the application detection. As far as I know the heuristic engine is the last possibility after application signature and decoders weren't successful.But does anybody know how much traffic (bytes or packets) will/can run through a PAN before the heuristic engine gives and the application is set to "unknown"?Many thanks,...

sylvia by L1 Bithead
  • 2344 Views
  • 1 replies
  • 0 Likes

SSL-decryption slow

Hello,So I have tested SSL decryption today, and I made it work. But for some reason some of the webpages that are being decrypted are extremely slow. Facebook and even support.paloaltonetworks.com are two of them.I exported a CA certificate from our AD and imported it into the PA as described in a document I found on the knowledgebase.Look at t...

User-ID issues with multiple domain controllers

Hi,I have a few questions about how the user-id works that I have been unable to solve.We are currently rolling out a lot of virtual systems to our customers in a MSSP environment and as you can imagine coming across some strange server setups. This has resulted in some strange behaviour with user-id setups.I am trying to work out how user-id b...

bjackson by L2 Linker
  • 5288 Views
  • 1 replies
  • 0 Likes

default action = alert?

In browsing through the default actions for vulnerabilities, spyware and AV I see that the a lot of the actions for HIGH and CRITICAL severity events is just Alert. I expected a lot more blocking, dropping, and resetting. (half of High and >10% of Critical Vulnerabilities and the vast majority of High and Critical anti-spyware are Alert on...

schaleg2 by L0 Member
  • 2733 Views
  • 1 replies
  • 0 Likes

Resolved! PA dropping packets on their return path

HiI have a simple L3 setup.E1/1 connected to a router (default gateway to the internet). IP 192.168.119.2, untagged Zone VLAN1E1/2.2 connected to a switch (VLAN 2 tagged). IP 10.2.2.1 (default gateway for the 10.2.2.0/24 network), Zone VLAN2I have a default allow all rule, no nat (VLAN2 to VLAN1)A ping from 10.2.2.51 to 8.8.8.8 doesn't work, so ...

u13550 by L3 Networker
  • 10572 Views
  • 5 replies
  • 1 Likes

PAN filtering ssh public key auth?

HiI have a host which I can access without password with ssh by public key.This works fine, but as soon as the traffic goes over a PAN (500), I get asked for the password.Is the PA500 doing anything special here that I'm not aware of?Thanks

u13550 by L3 Networker
  • 2503 Views
  • 2 replies
  • 0 Likes

disable SSL renegotiation

Is there a way to disable SSL renegotiation at firewall level ?Disabling it server side ( Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing ) breaks activeSync. I'd like to test a different scenario to get rid of the many false positives we get for the SSL Renegotiation Denial of Service Vulnerability.

dieter_b by L4 Transporter
  • 3837 Views
  • 1 replies
  • 0 Likes

Default rule - tcp reset/icmp host unreachable

Hello All,Maybe it's there, in a doc, but I cannot find it...Suppose I have tiered architecture.And suppose developer breaks his code and want's to connect to other security zone or to the outside world buth should not, and I want his application to know it immidiatelly by getting tcp reset.Right now I catch myself debugging for several hours ro...

Accessing brightcloud.com returns block page

We are sometimes getting a block page when accessing brightcloud.com to report a site. The category returned is 'malware-sites'. The logs show that 'service.brightcloud.com' is correct, but 'brightcloud.com/support/lookup.php' and 'brightcloud.com/support/border-radius.htc' are URL blocked as 'malware-sites'.

cloughr by L2 Linker
  • 4031 Views
  • 3 replies
  • 0 Likes

Resolved! How to see historic load (CPU load) stats on 4020?

Let me start by giving the traditional, ive rtfm, this forum wont let me search it and ive tried hard to find it myself.I need one simple thing. How much load is on my FW and whats the load been historically? Where the heck can I find this? All I can find is the 'resource information' widget on the dashboard page.thanks!

choff123 by L3 Networker
  • 8587 Views
  • 2 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks