This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Resolved! Monitor > Logs, Add Log Filter: Is there a Filtering Criterion Equiv.-To "# Of Sessions"

Hello. Via the Monitor page, I'm trying to build a log query, to report upon all threats regarded as critical within the last 24 hours that held / conducted a minimum of 12 (twelve) sessions. I've got the first 2 (two) filtering parameters - my "critical" vulnerability sensitivity; and my time frame eq. last 24 hours. However I'm "stuck", wit...

IMgrtrU by Not applicable
  • 4786 Views
  • 5 replies
  • 0 Likes

Maximum sessions for Captive Portal

Hi Guys,On a PA-500, is there any specification for the maximum number of sessions or user logins at any given point of time for Captive Portal users? Enquiring because, there is a known environment (school with boarding as well) (staff and student VLANs) where maximum traffic passes through Captive Portal.Many Thanks,Kal

PAN Agent stability

Hi All,Is there anybody meets PAN Agent stability issue?We always install PAN Agent version 3.1.2 on Windows Server 2003, but at lease tow customer meet the issue.PAN Agent service is down once 1to3 weeksNo advnaced log can be found no matter debug is turned on or not (on PAN Agent).Regards, Bobby

PAN - DHCP option

Hi All,I'm working to configure the PAN (4.1.2) DHCP, hopefully to replace the legacy DHCP server for the LAN.My LAN consist of both data and voice on few vlans.I would require to insert the dhcp option code of 176 & 242 for the ip phones.But doesnt seem able to find the function on PAN.Please advice if such option is available (future?) or ...

ateo by Not applicable
  • 3789 Views
  • 3 replies
  • 0 Likes

Http-proxy application and applications in URL Filtering log

Hellou!I have installed Palo (in tap mode) in front of MS TMG proxy. In attachment I put a picture with the applications he recognizes. Http-proxy application is always the application with the most received bytes, but Palo also recognizes other applications so my questions is: what kind of traffic Palo catagorizes as a http-proxy? Is it traffi...

mkopcic by L2 Linker
  • 7912 Views
  • 4 replies
  • 0 Likes

ThreatID 33542 and Facebook

I'm seeing a lot of alerts in the last couple days for threatID 33542 when users are visiting facebook via http://www.facebook.com/Could this be a false positive? Anyone else seeing a jump in this threat?Tnx, Tom

TomS by L1 Bithead
  • 5409 Views
  • 8 replies
  • 0 Likes

Data Filtering Patterns

Does anyone know the logic used to interpret data patterns/filtering expressions?By this I mean, if I have two patterns:-Confidential\\Eyes-Only (exact match Confidential\Eyes-Only)andConfidential\\.+ (wildcard match Confidential\*)Will a file with the string 'Confidential\Eyes-Only' match the former, as the closest match, or t...

apackard by L4 Transporter
  • 2417 Views
  • 1 replies
  • 0 Likes

Difference between session start vs end when doing DENY

The difference (generally speaking) between "log on session start" and "log on session end" (for ALLOW rules) is that the "session end" will also log application and trafficvolume however it will not show up in the log-files until the session really is ended (which means for debugging you often want on session start aswell to see when the packet...

mikand by L6 Presenter
  • 5505 Views
  • 1 replies
  • 0 Likes

Large User-ID Deployments

All,We're in the process of migrating from a WCCP Proxy implentation for URL filtering to the Palo Alto solution (LOTS of work needs to be done obviously!) and we're starting to work with the User-ID Agent and have some questions..First, I'm curious how large of User-ID implentations are out there user wise? We have about 16k users system wide, ...

steveo by L3 Networker
  • 6732 Views
  • 6 replies
  • 1 Likes

Custom Block Page

Hi I'm finding it really difficult to upload a customised url block page. Each time I do it only the default page appears. Out of around 20 times of uploading the edited txt message (custom block message) it's only ever updated to the new message on one occasion. Is anyone else having these problems? I'm running 4.1.3ThanksRod

djrodb by L3 Networker
  • 3872 Views
  • 4 replies
  • 0 Likes

Resolved! Logs retained after vSys deleted?

If a vSys is deleted, i'm assuming (dangerous i know), that the logs related to that vSys are deleted off of the device.Is this a valid assumption?What about any logging forwarded to Panorama, are they deleted or retained?If not a valid assumption, is there a process to manually clean out these logs?Thanks,kurt

u11756 by Not applicable
  • 2775 Views
  • 2 replies
  • 0 Likes

CNSE Review Guide

Has anyone have any idea what kind of topic you will be asked? Want to start reviewing for this certification.thanks

friento by L3 Networker
  • 5968 Views
  • 8 replies
  • 0 Likes

Palo and TMG

HelloI have a tmg box at the moment that publishes our web sites, can i still leave that still setup and point the palo at the tmg for the web sites we publish? or how do i do that with the palo in place.Mark

Office 365 App Detection

Hi, I was wondering if there are any plans or a method how to detect Office 365 traffic?We have no URL scanning license on the box, so we depend on the App detection method.Because all traffic is a SSL connection, PaloAlto reports the traffic as general SSL Application.Many thanks for any suggestion about my issue.

u2343 by Not applicable
  • 2781 Views
  • 1 replies
  • 0 Likes

No IP addresses on HA interfaces

Hi all,I'm working for a new company building out several new data centers. They got a jump on getting things up and running before hiring their own resource and had a consultant setup a couple of pairs of PA-2050s. They are active/passive. The consultant set up the HA interfaces with no IP addresses. Is this an OK configuration? They seem happy...

GV27 by L1 Bithead
  • 2245 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks