This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4129 Views
  • 0 replies
  • 0 Likes

PAN 500 Locked Up Today

So, today, when basically nobody was on campus the PA-500 decided to lock up. I could not connect to it at all and it was not passing traffic through. Looking at the logs, it appears as though it locked up at 3:02 a.m. on Monday as there was no traffic in the log between 3:02 a.m. and when I rebooted it at 5:30 this evening.It does appear as t...

HA Active/Active,..

Hi Team,..Attached is the scenario for HA Active/Active,..Is it possible to configure IPSec and SSL VPN in this Scenario?The external interfaces of each PA firewall is directly connected to ISP routers and have configured defferent public IP's on both. And werequire single Gateway for all internal host..Thank you in Advance,.Gururaj

Astik by L0 Member
  • 3306 Views
  • 2 replies
  • 0 Likes

Shared Gateway and VSYS

Hi,I've a basic setup with TWO vsys with separate vrouters on each vsys (Maketing and Sales ) and a shared Gateway. Some vpn Tunnels terminating on my shared gateway.I need to implement some static NAT rules for my VPN tunnels, so far so good.Routing 0.0.0.0/0 goes to the Shared gateway and of course other locally routes are routed locally by Vr...

slh by Not applicable
  • 3123 Views
  • 1 replies
  • 0 Likes

Resolved! PPPoA

Hi All,hoping you can help with something I'm now too sure about. I haven't found anything in help or knowledgepoint so far. I've pre-configure a couple of PA-200's in PPPoE mode (ISP modems in bridge mode) to send to a remote site OS. I've just had a response from their local ISP sayng that their DSL services will ONLY run PPPoA. I'm not fa...

Brightcloud tagging Yahoo sites as Phishing and Fraud

Greetings!Today I received several helpdesk calls concerning yahoo! mail not working. Logs show that the 'yming.com' site that yahoo! uses is being flagged as a 'Phishing and Fraud' site.I know I can report it (24-48 hour fix) and can manually unblock, but what a pain. Is anyone else seeing this issue?

cloughr by L2 Linker
  • 5461 Views
  • 6 replies
  • 0 Likes

Allow download of file types that show as ZIP

Hello,I have had a few instances where I've needed to allow certain files types through the data filter. One annoying case was native Office 2007/2010 documents that end in x. What I did was add it to my file blocking profile with the action of ALERT. This is now letting them in. Sometimes I actually have a FQDN or IPs that I can use to allo...

gsvarney by L1 Bithead
  • 9500 Views
  • 6 replies
  • 0 Likes

4.0.9 to 4.1.6 - Issues to be aware of?

Are there any known issues to be aware of if I wanted to go from 4.0.9 to 4.1.6?We had an issue when we went from 4.0.9 to 4.0.11 where the dataplane on our PA-500 randomly rebooted several times and support's initial suggestion was to do a factory reset/restore of the box.I'd prefer not to do that if it's avoidable, so I figure there should be ...

Dual/HA IPsec tunnels with 2 ISPs ?

Hello,I have 2 PaloAltos, one is running on robust and redundant Corp internet ISP, another one on a remote location with 2 public ADSL (and miserable quality ofc !). My goal is to have a redundant IPsec link between the two PaloAltos :How would you achieve this ? I have several scenarios in mind:PA2 builds 2 tunnels (one from each ISP) all tim...

essnet by L4 Transporter
  • 2494 Views
  • 1 replies
  • 1 Likes

Resolved! Hotmail Categorization Weirdness

Hey folks,User reported MSN mail being blocked as phishing-and-other-frauds, but my Hotmail and her other MSN email accounts work fine. I investigated and found that the server:sn123w.snt123.mail.live.comIs being categorized by the PAN device as phishing-and-other-frauds, but other MSN servers are not, like this one:co105w.col105.mail.live.comw...

Negative lookahead regular expression not working

HiBit of an advanced regex feature, but I would like to set up a custom vulnerability signature to detect browsers (user-agent) that are not Internet Explorer. True, one could detect Firefox specifically, but there are so many different browsers in the wild that it is impossible to match them all.The regex I'm attempting therefore is: User-Agent...

SSL decryption and Http redirection

Hi,I am testing SSL decryption and it seems to work fine except when Http redirection is involved. E.g. when you try to connect to Https://gmail.com , google redirects you to https://www.google.com and it gives me a certificate error because of the hostname in the cert does (www.google.com in this case)not match with the hostname that you are c...

SLOW INTERNET

Hi GUys ,I`m deploying a PAN.Everything is OK , COnfiguration , URL Alerts , AV , AS everything on ALERT MODE.But my problem , after COnfigure a L3 INterface to receive IP via dhcp client from my ISP router , my connection with internet becomes very slow!I think the problem is on the PAN because when i rollback to my PF SENSE everything works go...

Thiago by L3 Networker
  • 5842 Views
  • 4 replies
  • 0 Likes

Antivirus Update Frequency

Is this specified anywhere?I can't seem to find where the antivirus update schedule is stated explictly.Or is it just part of the weekly content updates?

KGC by L3 Networker
  • 9227 Views
  • 7 replies
  • 0 Likes

HA Active/Active

Hi,Can anyone tell me if HA Active/Active on a PA-500 requires three links in total? As there are limited ports on the PA-500 this may cause an issue.Also, if this the case - is there any option on having an IPSEC VPN terminating on the passive firewall in an Active/Passive HA configuration (i suspect the answer to this is no).Andrew

singersit by Not applicable
  • 4512 Views
  • 4 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks