This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4227 Views
  • 0 replies
  • 0 Likes

Hide Public IPs

I've been getting a lot of traffic from 'unfriendly' countries trying to gain access to a service we provide via one of our NAT'ed public ip address. I know for a fact they have no business connecting to that service. Is there a setting on the Palo Alto to hide my Public ip addresses? In that same vain, can I also hide what ports/protocols I hav...

mark1ped by Not applicable
  • 3257 Views
  • 1 replies
  • 0 Likes

Resolved! IPSec VPN tunnel no longer working

Hello guysWe have a few VPN tunnels between our PA-2050 (in HA cluster) and some WatchGuard firewalls (different models). We migrated these tunnels to the PA-2050 a few weeks ago and they ran stable. Now suddenly two of 10 tunnels are down and we don't get them back up. Here's what we tried so far:- Rebooting the WatchGuard firewalls- Suspending...

oschuler by L4 Transporter
  • 20196 Views
  • 18 replies
  • 0 Likes

Resolved! Internal route problem

Had a question about internal routing.We have eth port assigned to a trust network which is a 192.168 network. We also have a Avaya VoIP PBX that is vLan'd on this network and the routing is managed on an internal core switch to access this network. In our single virtual router I have a route for the 192.168.0.00/16 with next hop to the Gatewa...

cmateam by L3 Networker
  • 4987 Views
  • 3 replies
  • 0 Likes

VWire

I have configure a 2050 in a vwire configuration can I still utilize layer3 on the device. From what I have been reading if I configure PAN device for vwire then the device cannot due any layer3 funcationality.

snormoyle by Not applicable
  • 2649 Views
  • 2 replies
  • 0 Likes

SMTP traffic mis-classified as FTP ?

The other day we discovered that our SMTP server was unable to send email to the silvacom.com domain.The problem was traced to our PAN rule which allows only SMTP traffic to eminate from our email server, on the application-default port. All attempts to deliver email to this domain, however, were being seen by the PAN as FTP traffic on TCP port ...

KGC by L3 Networker
  • 4203 Views
  • 3 replies
  • 0 Likes

amount of traffic before "unknown application" is determined

Hi,my questions deals with the application detection. As far as I know the heuristic engine is the last possibility after application signature and decoders weren't successful.But does anybody know how much traffic (bytes or packets) will/can run through a PAN before the heuristic engine gives and the application is set to "unknown"?Many thanks,...

sylvia by L1 Bithead
  • 2374 Views
  • 1 replies
  • 0 Likes

SSL-decryption slow

Hello,So I have tested SSL decryption today, and I made it work. But for some reason some of the webpages that are being decrypted are extremely slow. Facebook and even support.paloaltonetworks.com are two of them.I exported a CA certificate from our AD and imported it into the PA as described in a document I found on the knowledgebase.Look at t...

User-ID issues with multiple domain controllers

Hi,I have a few questions about how the user-id works that I have been unable to solve.We are currently rolling out a lot of virtual systems to our customers in a MSSP environment and as you can imagine coming across some strange server setups. This has resulted in some strange behaviour with user-id setups.I am trying to work out how user-id b...

bjackson by L2 Linker
  • 5341 Views
  • 1 replies
  • 0 Likes

default action = alert?

In browsing through the default actions for vulnerabilities, spyware and AV I see that the a lot of the actions for HIGH and CRITICAL severity events is just Alert. I expected a lot more blocking, dropping, and resetting. (half of High and >10% of Critical Vulnerabilities and the vast majority of High and Critical anti-spyware are Alert on...

schaleg2 by L0 Member
  • 2750 Views
  • 1 replies
  • 0 Likes

Resolved! PA dropping packets on their return path

HiI have a simple L3 setup.E1/1 connected to a router (default gateway to the internet). IP 192.168.119.2, untagged Zone VLAN1E1/2.2 connected to a switch (VLAN 2 tagged). IP 10.2.2.1 (default gateway for the 10.2.2.0/24 network), Zone VLAN2I have a default allow all rule, no nat (VLAN2 to VLAN1)A ping from 10.2.2.51 to 8.8.8.8 doesn't work, so ...

u13550 by L3 Networker
  • 10663 Views
  • 5 replies
  • 1 Likes

PAN filtering ssh public key auth?

HiI have a host which I can access without password with ssh by public key.This works fine, but as soon as the traffic goes over a PAN (500), I get asked for the password.Is the PA500 doing anything special here that I'm not aware of?Thanks

u13550 by L3 Networker
  • 2531 Views
  • 2 replies
  • 0 Likes

disable SSL renegotiation

Is there a way to disable SSL renegotiation at firewall level ?Disabling it server side ( Microsoft Security Advisory: Vulnerability in TLS/SSL could allow spoofing ) breaks activeSync. I'd like to test a different scenario to get rid of the many false positives we get for the SSL Renegotiation Denial of Service Vulnerability.

dieter_b by L4 Transporter
  • 3864 Views
  • 1 replies
  • 0 Likes

Default rule - tcp reset/icmp host unreachable

Hello All,Maybe it's there, in a doc, but I cannot find it...Suppose I have tiered architecture.And suppose developer breaks his code and want's to connect to other security zone or to the outside world buth should not, and I want his application to know it immidiatelly by getting tcp reset.Right now I catch myself debugging for several hours ro...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks