This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4124 Views
  • 0 replies
  • 0 Likes

IPSec VPN Issue

Hi,on a PA 2020 running 4.1.0 is a VPN Gateway configured. A client PA 500 running 4.1.0 with dynamic WAN IP is configured as peer. Both devices can reach each other. In system log is a succesfull phase 1 and phase 2 and a succesfull ipsec connection. After that, a IPSec SA delete message appears and the IPSec key will be deleted. From this time...

Multiple External IP Problem

Hi allI have a brand new PA500 that I have setup and everything is working fine in the outbound direction e.g. i can access the internet etc.. the problem i have is in the inbound direction. My external interface IP address is set to 89.238.148.194/28 and I have a number of other external IP addresses that i need to NAT to internal private IP ad...

Resolved! Any ability to create Zone Groups

Is there any ability to create Zone Groups such that I can easily group zones together and then add that to security policies? I have a number of shared services which I need to grant access to a large number of zones and I find it very time consuming and somewhat error prone to continually add individual zones to a rule. Also as a feature enh...

Resolved! Rules, group, filters etc.

I realize this sort of question is difficult to answer but here goes.I am working on setting up our PA500 and am curious how others are setting their rules. As an example: there are three groups of users as defined in active directory: A, B, and C. All of which require different levels of URL filtering, times and App filtering. Of course th...

BobW by L4 Transporter
  • 4283 Views
  • 4 replies
  • 0 Likes

URL Filtering - Blocks msn live and yahoo messenger

Hi All,I wonder if anyone is facing this issue... If you enable web-based-email inside ssl decryption rules, it will also block user to access both msn live messenger and yahoo messenger (this does not happen to skype of course). Even though, the existing security rules stated allow any application without any filtering mode, this will still hap...

eugene by Not applicable
  • 6565 Views
  • 7 replies
  • 0 Likes

Resolved! Wildfire uploaded file disposition

I've heard customers express concerns about what happens to a file once it has been uploaded to Wildfire. If the file were the product of a spearfishing attack, it could potentially contain information about the victim that may be sensitive in nature. How are uploaded files protected from accidental disclosure? Does Wildfire dispose of the file...

dford by Not applicable
  • 4451 Views
  • 2 replies
  • 0 Likes

Report: Top URL categories per user

I've been asked to run a report on the web usage of a specific department and I happily generated a report of users from that dept in order of how much data they have used. Then the department head asked for it to be broken down so that for each user they could see the top ten categories so he could determine whether it was business or non busin...

UKRB by L3 Networker
  • 2537 Views
  • 1 replies
  • 0 Likes

VPN tunnel Site to site failing

hi I had a working VPN tunnel and t was working for more than 100days then all of a sudden it stopped workingand the rrrors i am getting isIKE phase-1 SA is deleted SA: MY-IP ADDRESS [500]-REMOTEIP_ADDRESS[500] cookie:ea25f2fa99b81f69:0000000000000000.04/23 03:55:52IKE phase-1 negotiation is failed as initiator, main mode. Failed SA: MY-IP ADDRE...

BBHLTD by Not applicable
  • 4984 Views
  • 4 replies
  • 0 Likes

what is the processor named webapp3?

HiMgmt cpu was reached to 100% during a hour.i was look into a reason that why cpu usage hit a peak.processor named webapp3 was high usage during cpu reached to 100%. (it was almost 95%)i don't know what is the role of this processor.Please let me know someone who know this role of processor.Thanks,Eugene.

willstech by L3 Networker
  • 4471 Views
  • 6 replies
  • 0 Likes

Portal Error when using GlobalConnect client

We have 1 PA-500 which we recently upgraded from 4.0.5 to 4.1.4.On 4.0.5 we used the NetConnect client for several users without any problem.Now we upgraded to 4.1.4 we need to use the GlobalConnect client.So I downloaded and activated the 1.1.4 client.I thought it should offer an upgrade when you connect with an old client, so I started my NetC...

Missmatch in App/Threat Version HA

My second PA says it use 302-1357.But It acctually says it have 304-1366:Both my PA's say they have 304-1366 installed under "Device > Dynamic Updates"But on my dashboard they say its missmatch...Any one know what i should do? Everything works fine but it dosen't look that fine..

Resolved! Log Details not populating...

PAN OS 4.1.1. Looking in my traffic logs and then clicking on the magnifying glass to examine the details of an entry. The log details window opens and spins and spins and spins... never populates. No change no matter which traffic entry I click on.Any thoughts? I've rebooted the device as the simple troubleshooting step with no improvement.I...

cenders by L3 Networker
  • 7679 Views
  • 10 replies
  • 0 Likes

User-ID Agent

Is it possible to use the User-ID Agent to scan the logs from a machine configured as an Event Collector. I have an event log called "Forwarded Events" which holds centralised logon/logoff events for another tool. It would be good to leverage that information for Palo too.RegardsGary

Server profile KERBEROS with group mapping

Hi guys.I have a doubt .When i configure my Kerberos on my server profile , i can`t make group mapping settings to catch my users from AD and make a Policy for them ?My PAN OS is 4.1.0 In other versions it`s possible to do with Kerberos OR i need to configure LDAP Server profile ?Best Regards.Thiago Lima.

Thiago by L3 Networker
  • 2365 Views
  • 1 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks