This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4234 Views
  • 0 replies
  • 0 Likes

SNMP TRAP Recommend

Hi AllI want to set snmp traps to my snmp-server , are there any recommend about that ?I have got the snmp mip from paloalto support site, but there are too many descrpitions about trap, so maybe someone can give me some recommends about system health of snmptrap.ThanksJoy

Incoming Traffic failed in Active Active HA

Hi,I setup active/active configuration and everything seems to be working. We test HA by powering off the other peer and vice versa. All outgoing traffic are working as expected. But, we notice that we're not receiving incoming traffic if one of the PAN fails. I configured NAT and assign the active/active HA binding to both. Please help.Thanks,Rex

Resolved! cannot unlock a vpn user

when i press unlock, comes the following error message:Unlock failed for the following: consalco-int.local christoph.ramboeck: request -> ssl-vpn -> unlock -> user 'consalco-int.localchristoph.ramboeck' can be at most 31 characterscan someone write me here to help or know what to do

USER - ID FOR EXCHANGE SERVER

Hi Guys ,I see on PAN OS 4.1 releases , We can discover user from Exchange Server.So where we have a document to understand more better how it works ?Where can i do download for this agent ?I need to install something on my exchange server ?Best Regards!

Thiago by L3 Networker
  • 4883 Views
  • 1 replies
  • 0 Likes

Resolved! Displaying detailed session info from the command line

Hi all,Does anybody know of a way to display detailed session information from the command line please?In addition to the basic info provided by "show session all" I would like to extract the "Start Time" and "Bytes" values for certain devices. I am able to filter sessions based on the "Bytes" value but that value is never displayed in the outp...

DavePalo by L4 Transporter
  • 2829 Views
  • 1 replies
  • 0 Likes

Brute Force Signatures

hi : In regard to Brute Force Vulnerability Signatures 40015 (ssh) and 40021 (rdp) :Why is there not a way to permanently block an IP number that exceeds the configured Number of Hits per time period? Is this possibly in the works fro a future release?

wlu by Not applicable
  • 16032 Views
  • 19 replies
  • 0 Likes

Site to site VPN phase one error.

Hi Team,For Site to Site VPN in System logs showing ( description contains 'IKE phase-1 SA is deleted SA: 10.10.10.1[500]-10.10.10.2[500] cookie:eb16a2088724d32c:0000000000000000.' )Thank you in advance,.

Gururaj by L4 Transporter
  • 3916 Views
  • 3 replies
  • 0 Likes

web browsing problem

hi,i installed pan5020 my customer..customer have 8 branch offices with metro ethernet..but some web page cannot open from branchoffices like www.yahoo.com, www.microsoft.com,etc.(i examine rule and logs everythigs looks normal, its interesting)when i switch to old firewall(cisco asa) everything running normal.i tried increase session time-out, ...

lildeniz by L3 Networker
  • 5880 Views
  • 7 replies
  • 0 Likes

Ipsec VPN to Cisco ASA

Hi Guys,right now we are trying to setuop a ipsec vpn between out palo alto 4.0.7 box and a cisco asa 8.2 box ..Cause we are running into troubles whithin the ike setup, i would like to know the following:1. How can i debug the vpn setup in the pa ? I'm used to ASA's but this is my first vpn setup on a PA. I want to check why the tunnel does not...

cfpa by L1 Bithead
  • 4265 Views
  • 3 replies
  • 0 Likes

iOS VPN and Identity Certificates

We are testing Certificate Based Auth + User Based Auth for iOS VPN. Is it best practice to export a unique Identity(Client) Certificate for each user/device? Or is it common to use the same Identity Certificate for everyone? Security wise, it would be better to use unique certificates, but managing them may be hassle. We are also looking into...

jambulo by L4 Transporter
  • 2283 Views
  • 1 replies
  • 0 Likes

Resolved! How can Palo Alto protect against JBOSS vulnerability

Dear all, we are trying to protect a JBOSS web server against a server default configuration vulnerability. This is described at. http://www.articlesbase.com/security-articles/exploitation-and-remediation-of-jboss-application-server-default-configuration-vulnerability-1889469.htmlHow can Palo Alto protect servers against this kind of vulnerabili...

COMIP by L2 Linker
  • 4732 Views
  • 2 replies
  • 0 Likes

slow ftp log export

PA2020.Exporting logs using ftp seems extremely slow. We are talking about speeds around 30 KB/s, this on a full GB network to a ftp server with fast storage. Logs are big (easily over 10GB) so it would take days to export them.How can I speed things up ? Is there an alternative (like: using the usb port on the device ?

dieter_b by L4 Transporter
  • 5056 Views
  • 7 replies
  • 0 Likes

Facebook limited filtering

Our business has a Facebook page but as a policy we have Facebook blocked as a whole.Is it possible to unblock certain pages in Facebook only (eg. www.facebook.com/mybusiness) but maintain deny access to every other page?

Strachf by L1 Bithead
  • 3191 Views
  • 2 replies
  • 0 Likes

Resolved! Application filters

I have been trying to use the application filter functionality as I am setting up our PA with little luck. Example being: I would like to allow pretty much everything under "business" systems", "office programs".First problem I am running into is it does not include the dependcies. OK I can get around that and create an applicatio group for t...

BobW by L4 Transporter
  • 7739 Views
  • 8 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks