General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 876 Views
  • 1 replies
  • 8 Likes

High loads by scanner

Good afternoon. At 11:57:26 (9:57:26 GMT), there was a log entry which said this company was scanning our VPS. This made it unresponsive with extremely high load for us until I had restarted the HTTPD service. The traffic was also coming from a lot o

...

Resolved! MFA on the Palo Support Portal?

I saw the announcement that they were going to start requiring MFA for logging in on the Palo Alto websites and it mentions a code via email, however, I was already set up to use an authenticator app for this.  When I went to log in today, it seems t

...

jsalmans by L4 Transporter
  • 7623 Views
  • 13 replies
  • 0 Likes

advanced URL & URL4 license HA configurable check

Dear Team,

 

I understand that the same license set is required to configure HA according to the content below.
- The same model
- The same PAN-OS version
- The same type of interfaces
- The same set of licenses

 

Customers want to configure HA while introdu

...

Resolved! Submit IP to known malicious IP or High Risk IP

Can an IP be submitted to Palo Alto to be included in the high-risk or known-malicious IP address lists? We have an IP that has been discovered to be a major DDOS attack BOT coordination point but it's not listed in PAN's threat vault and is not bein

...

Resolved! SSL Decryption bug in PAN-OS 9.1.14

I recently upgraded from panos 9.1.13-h3 to 9.1.14 then SSL decryption stopped working, in the traffic monitor there wasn't any decryption error but when i excluded a PC the internet worked


and it seams other people are also having the same issue (Red

...

LAS by L2 Linker
  • 6725 Views
  • 22 replies
  • 0 Likes

Resolved! FQDN not working vs Resolved IP address

I created a new FQDN address object to facilitate a new Policy(rule).

 When tested the FQDN resolves internal to the Palo Alto Firewall.

The rule contains one destination address which is the new company.fqdn.com FQDN

The rule contains one source addres

...

rockfort by L1 Bithead
  • 16262 Views
  • 6 replies
  • 0 Likes

PALO ALTO to AWS site to site VPN not established

Issue:
PALO ALTO to AWS IPsec site to site VPN not able to established.

Situation

Since AWS will provide two VPN tunnel by default.
One of the VPN tunnel is established using the same public IP of PALO ALTO while the other VPN tunnel not able to establis

...

Question for SaaS Security API and Inline

 

Hello, I am SE from Korea.

 

Is there have one admin console for SaaS secure API and inline?

I have both configured, but the console is different.(attached picture)

 

However, Palo Alto Korea said, 'console has been integrated in one'.

how can I

...

pa-410 lost monitor log function and ACC function

I have a PA410. After upgrading the software recently, I found that the original monitoring log has reduced a lot of functions, and even the ACC function has been lost.


I checked the website information and found that this function was cancelled after

...

CVEs that cannot be found in Palo Alto Advisories

Hi there,

 

Does anyone know what does it mean generally for CVEs that cannot be found on Palo Alto Advisories?

Does it mean Palo Alto is not affected or the advisories has yet to update?

 

A few examples that cannot be found would be the following :

 

CVE-

...

L2 Extensions

Hello People ,

 

We have a situation where in  a Site to Site IPSEC exists between Cisco ASA and PALO ALTO FW 

 

The LAN segment of the Network is behind Cisco ASA . Infact all of the VLANS  are in this LAN Segment which is Behind Cisco ASA .

 

The require

...

Resolved! Your connection is not private (Privacy error)

i am going to access PA firewall on the browser or Global protect its shows Your connection is not private (Privacy error) then I m clicking on proceed to unsafe then it's showing the main page. how to resolve this.

 

 

 

security certificate does not sp

...

Resolved! Skype screensharing uses "u-meeting" app-id

Hi Guys, is it normal that Skype uses this u-meeting app-id every time user uses the screen sharing feature?
I tried to block this app-id and the screen sharing stops working.
Because I only allow app-ids listed on this article: https://knowledgebase.

...

PBF with ECMP Issue

Hello, i have question about PBF Using ECMP.

We have 3 ISP and using ECMP Setting with weight round robin and Symetric Return Settings

ISP A > 200

ISP B > 100

ISP C > 50

 

NAT we set like this

All  User > ISP A

 

Using PBF for some IP Segment

Segment A to ISP

...

Top Solution Authors
Top Liked Authors