This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Cutom reports IPs not domains names

Hello Bro, We are currently on PANOS ver 10.2.7-h3 on PA-3220 firewall. I have created a custom report, and receive it daily, it went Ok. but the received PDF report for example "Top blocked websites" mostly include IP addresses and not the blockewd domain names which makes it almost useless. how to let the firewall create the repo...

Resolved! Security rule says disabled no for an enabled policy

I have 2 firewalls with identical config running same PANOS. The policy in question is enabled on both the firewalls. But one firewall has an extra line in cli( which is picked in daily diff) set rulebase security rules "rule name" disabled no - So it is saying policy is not disabled but enabled. Why is it showing only for 1 enabled policy and n...

Duplicated IP for different Users

Hi team I'm currently having an issue with GLOBAL PROTECT VPN users whose IP has been duplicated, as showed in the next picture: As you can see, there is no big time difference between the log generated for the user sprbun\johnfc and the user sprbun\norac I have configured two gateways and this problem is happening when two different users ...

DanielPaz_0-1710274242054.png
DanielPaz_1-1710274470327.png
DanielPaz_2-1710274494198.png
DanielPaz_3-1710274883250.png

Resolved! Site Access

I am in the process of locking down access to certain sites on the internet and We have certain AD groups that are designated for access. I was wondering if there was a way to create one rule that will allow AD Group1 and AD Group 2 to their respectrive sites but not let them go to each other site. I am trying to keep the policies down to a mini...

Getting commit error

vsys -> vsys1 -> application-status -> tiktok 'tiktok' is not a valid referencevsys -> vsys1 -> application-status is invalidCommit failed Getting error after new content version installed but when reverted issue fixed.

Saurabh1 by L1 Bithead
  • 3859 Views
  • 6 replies
  • 0 Likes

Need to understand the meanning if cgo cmd in the query builder

Hi Team, In the Cortex XDR console, inside the query builder option, we are able to see various options to write query such as Process Name and Acting Process Name, but along with hat weare also able to see an option called ;CGO cmd', what does it mean and what is it used to define while writibg a query? Regards Rohita

xqualsystem.org wrongly categorized as spyware

Dear Team , The Website xqualsystem.org wrongly categorized as spyware on DNS Security and as per them the site is cleaned . Could you let us know whom to contact in paloalto to understand why the xqualsystem.org wrongly categorized as spyware ? Regards Vin

VineethM by L0 Member
  • 1034 Views
  • 1 replies
  • 0 Likes

Resolved! DNS proxy setup

Hi, I have a firewall rule on my Palo Alto to NAT a public IP to a private IP on the DMZ. The external users who don’t work for my company can hit the public IP by DNS name, get onto the website, and view the content etc. This is all working fine. A few times per year I must take the internal DMZ server offline for patching and it could be of...

ohareka by L1 Bithead
  • 2545 Views
  • 3 replies
  • 0 Likes

Importing routes between VR

I know we can exchange routes between VR using BGP but is there any other built in method? Cisco and Juniper offer route leaking functions which let you import/export routes between VRF's without needing to establish a full routing protocol Thanks

GP Not Transitioning to Internal Network Correctly

Hello! I have a GP environment with one all in one NFGW (Portal/Ext GW/Int GW). It works great. Recently I added a second site with a similar setup for redundancy. The same DNS name points to both portals, the portals are setup to suggest both GWs equally, each has an internal GW; totally equal GP setups. The issue I now face is when a mobile cl...

MeCJay12 by L2 Linker
  • 1410 Views
  • 2 replies
  • 0 Likes

Interpretation of BPA Reports

I generated a BPA report on the AIOPS website using the tsf file from Strata, but I am a bit confused about the terms referenced in the report's interpretation. Among them, CSC controls 9.2, 12, etc., specifically refer to? Can anyone explain it. I went to download the file: CIS.Controls_v8_Critical_Security.Controls_2023:08.pdf The descript...

Felixcao_3-1710145673343.png
Felixcao_0-1710145051453.png
Felixcao_1-1710145293214.png
Felixcao_2-1710145309189.png
Felixcao by L3 Networker
  • 1104 Views
  • 1 replies
  • 0 Likes

Create a Palo Alto to Juniper SRX Route based VPN using OSPF

I created a new document from lab testing the Juniper SRX to Palo Alto VPN connections using OSPF on a route based VPN. But the only place I have permission to upload files is in DevCenter. So here is the link for anyone who needs the setup instructions for both sides.PanOS to Juniper SRX Route Based VPN with OSPF

pulukas by L7 Applicator
  • 5354 Views
  • 3 replies
  • 1 Likes

PPPoE disconnect randomly

Hello PaloAlto users! Recently I purchased a PaloAlto from ebay and I have installed it in my home. I have the WAN interface (ethernet1/1) as PPPoE with the information from my ISP (Digi Spain) . Everything is okay regarding the configuration (or so i think) with my ISP, i got my IP, can navigate perfectly etc. but in some cases i got disconne...

Jlsierra by L1 Bithead
  • 4881 Views
  • 5 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks