This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Resolved! Known Malware passing through PA to Client

Hello PAN,Today I had a client get infected with the "Windows Privacy Module" Fake AV, This wasn't cought by either PAN OS or Trend Micro while a MalwareBytes scan found it and removed it no problem. Is there something more I can do to increase the odds of my PA SG in catching these? I do keep th AV software up to date along with the PAN OS and ...

Bvance by L2 Linker
  • 4165 Views
  • 5 replies
  • 0 Likes

Getting Syslog in through PA 500

I have a router just outside my PAN 500, ver 4.0.5. I need to get syslog information in from it for my PCI requirements. Here is my setup:The following objects are defined:INT-NPM Syslog server, IP address 172.15.10.8TWC-RTR Router, 197.148.156.124TWC-NPM NAT address for INT-NPM, 197.148.156.150TWC-NAT ...

u7483 by Not applicable
  • 3324 Views
  • 3 replies
  • 0 Likes

URL logging in TAP mode

I have a business requirement to log URLs visited in an "out of line" manner for reporting and usage. There is no requirement to block URLs and it would be of great advantage not to use VirtualWire at this stage(still in pilot).I understand it is not possible to apply URL filtering rules(block, allow etc.) in TAP mode, and I'm pretty sure that w...

loki by L1 Bithead
  • 2226 Views
  • 1 replies
  • 0 Likes

Multicast Support

Hi Guys,Does PAN support IP multicasting to allow one IP packet to be sent simultaneously to multiple hosts for use in multimedia applications and video conferencing?I did read somewhere that multicast forwarding / routing is now supported from version 4.1.x onwards. Is it true?Cheers...Kalyan

Stateful Package Inspection Features

Hi Guys,I was just wondering if you someone could clarify a few doubts that are lingering in my mind.1. IP Checksum Enforcement - Does PA have an option to enforce header checksums for IP headers and UDP packets?2. QoS - Does have QoS support bi-directional support for DSCP and 802.1pMany thanks,Kalyan

Custom Reports and Wildcards

Hello KPers,My goal: To create a report of top X users who attempt to access blocked categories.My problem: I would like to exclude a set of userids that share a common prefix.What I've tried: I've created a URL log custom report based off of action eq block-url and user neq userid*; This does not output my desired results as the users with the ...

Need help in setting up the email alerts for the Pan firewalls.

I am trying to setup email alerts when the device goes down or the interface goes down. To complete this task, I had configured the email server and under the device tab -- log settings-- critical -- I set it to be forwarded to the email server. Also when configuring the email server profile, under the custom log format, under system I chose the...

Global Protect - External IP as source in VPN tunnel

Hello PAN.Trying to figure out why my connection on the VPN client was behaving a bit sporadic I noticed that *some* of the traffic send to the firewall from my GPA was using source IP = my client public IP, rather than my client private IP.So. Some traffic is send with source IP = public IP, some traffic is being send with source IP = vpn IP.VP...

sitecore by Not applicable
  • 2720 Views
  • 2 replies
  • 0 Likes

Block and NOT Alert

Is there any way of blocking an attack (threat) but not logging it?By this I mean I have some attacks that I want to drop but don't really want to get spammed in the logs because they are just 'noise' as far as I'm concerned.

apackard by L4 Transporter
  • 2679 Views
  • 3 replies
  • 0 Likes

Destination NAT Translation doesnt work properly with PA-5050

Hello Guys,Destination NAT translation doesn't work properly with PA-5050 ver 4.1.6Scenario 1: -1) Configured 213.42.55.x is mapped with 192.168.1.60 ( www.x.com) with destination nat translation on port www2) 192.168.1.60 static nat ( bi direct) with 213.42.55.xObservation : user from public host able to access the www.x.comScenario 2:1) Confi...

Resolved! How do I enable ping to a non-mgmt IP address?

Hello,I'm trying to enable ping to an external address that is not assigned to an interface? Is this possible? This address is used for NAT'ing purposes or to access an internal server.I've done the following but I'm still not able to ping the address/server:1. allow application ping from internet to my external ip.Am I missing anything?Thanks

x by L1 Bithead
  • 6787 Views
  • 5 replies
  • 0 Likes

forward from multiple WAN to one host LAN

Hi, I need a little help with PA configuration. I have two WAN links. WAN1 - 1.1.1.1 WAN2 - 2.2.2.2 and a host on the network 3.3.3.3 3.3.3.3 ip is a terminal server. All computers go through WAN1 link. I need to configure the PA so I can login to the server via IP WAN1 and IP WAN2. I ask for directions if possible. Advance thank you very much.

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks