This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! what's mean counter url_request_pkt_drop?

Hello guys.I experienced increasing constantly counter "url_request_pkt_drop" when installed PAN to customer. PAN showed that counter means "the number of packets get dropped because of waiting for url category request"So I think that means simply packet dropping related URLs when not resolved URLs. I guess packet dropping of URLs that makes pro...

ttongfly by L3 Networker
  • 6421 Views
  • 3 replies
  • 0 Likes

Resolved! Backup and restore Config

I have a PA-500 Firewall running software version 4.1 and have to make some rather drastic firewall changes due to changing ISP's and outside IP addressing. I would like to backup and save my configuration, in case I mess something up. How can I take a backup of my current config, and have it ready in case I need to import it back in?I see you...

kaysun by L1 Bithead
  • 4494 Views
  • 1 replies
  • 0 Likes

What 's meaning of "User '' failed authentication. Reason: Thread limit reached"

Hello,I used Captive Portal in my environment. I found log "User '' failed authentication. Reason: Thread limit reached" show on my system some time when the Captive Poratl page fail to logging in.Which Thread has limited by the system. Could you provide me the trobleshoot step or command line to show the thread limit.Thank you,Wasawath

Skype & unknown traffic

Hello PAN,It seems to me that in order to have skype working correctly - particually with multi-site PA's with Site2Site VPN tunnels in between - it is nessesarely to enable both unknown-tcp & unknown-udp.At least - all our connection problems / delivery delays seems to go away whit the above allowed.But obviously - allowing "unknown" traffi...

sitecore by Not applicable
  • 3022 Views
  • 2 replies
  • 0 Likes

Resolved! Known Malware passing through PA to Client

Hello PAN,Today I had a client get infected with the "Windows Privacy Module" Fake AV, This wasn't cought by either PAN OS or Trend Micro while a MalwareBytes scan found it and removed it no problem. Is there something more I can do to increase the odds of my PA SG in catching these? I do keep th AV software up to date along with the PAN OS and ...

Bvance by L2 Linker
  • 4072 Views
  • 5 replies
  • 0 Likes

Getting Syslog in through PA 500

I have a router just outside my PAN 500, ver 4.0.5. I need to get syslog information in from it for my PCI requirements. Here is my setup:The following objects are defined:INT-NPM Syslog server, IP address 172.15.10.8TWC-RTR Router, 197.148.156.124TWC-NPM NAT address for INT-NPM, 197.148.156.150TWC-NAT ...

u7483 by Not applicable
  • 3278 Views
  • 3 replies
  • 0 Likes

URL logging in TAP mode

I have a business requirement to log URLs visited in an "out of line" manner for reporting and usage. There is no requirement to block URLs and it would be of great advantage not to use VirtualWire at this stage(still in pilot).I understand it is not possible to apply URL filtering rules(block, allow etc.) in TAP mode, and I'm pretty sure that w...

loki by L1 Bithead
  • 2202 Views
  • 1 replies
  • 0 Likes

Multicast Support

Hi Guys,Does PAN support IP multicasting to allow one IP packet to be sent simultaneously to multiple hosts for use in multimedia applications and video conferencing?I did read somewhere that multicast forwarding / routing is now supported from version 4.1.x onwards. Is it true?Cheers...Kalyan

Stateful Package Inspection Features

Hi Guys,I was just wondering if you someone could clarify a few doubts that are lingering in my mind.1. IP Checksum Enforcement - Does PA have an option to enforce header checksums for IP headers and UDP packets?2. QoS - Does have QoS support bi-directional support for DSCP and 802.1pMany thanks,Kalyan

Custom Reports and Wildcards

Hello KPers,My goal: To create a report of top X users who attempt to access blocked categories.My problem: I would like to exclude a set of userids that share a common prefix.What I've tried: I've created a URL log custom report based off of action eq block-url and user neq userid*; This does not output my desired results as the users with the ...

Need help in setting up the email alerts for the Pan firewalls.

I am trying to setup email alerts when the device goes down or the interface goes down. To complete this task, I had configured the email server and under the device tab -- log settings-- critical -- I set it to be forwarded to the email server. Also when configuring the email server profile, under the custom log format, under system I chose the...

Global Protect - External IP as source in VPN tunnel

Hello PAN.Trying to figure out why my connection on the VPN client was behaving a bit sporadic I noticed that *some* of the traffic send to the firewall from my GPA was using source IP = my client public IP, rather than my client private IP.So. Some traffic is send with source IP = public IP, some traffic is being send with source IP = vpn IP.VP...

sitecore by Not applicable
  • 2683 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks