General Topics

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

Cannot Ping

Hi,

I have a small problem. I cannot ping and access the ip address of my external interfaces although I can ping their default gateway. I already assigned interface mgmt for each interface and allowed ping, https, ssh and response pages but no luck.

...

DHCP Not releasing IP addresses

Called support they said 'known bug' upgrade to 3.10 . Did the upgrade and IP addresses are still committed (lease expired for months in some cases) and not being released and added back into the pool. Any ideas on how to solve this?

Intermittent User-ID with eDirectory

We're on a PA2050, v4.0.5 using eDirectory Agent 3.1.2 (Windows 2008 srvr) connected to two eDirectory servers v.8.8.5.

Users are being identified on the PA, but not all packets or sessions are showing a userid.

If I filter a single busy source IP in t

...

Resolved! DNS Proxy - Can I use it to resolve all outbound

Can I use the DNS Proxy to resolve all of my outbound DNS queries?

I would like to point my inside DNS servers to the Palo Alto firewall and then let the firewall resolve the DNS query.

Restricting data accessible by admin user/group for ACC/Monitor etc

Hi All,

Can I, in a system that is NOT running multiple vsys, restrict the information that can be accessed, seen etc within the ACC, monitor tab etc. Like a pre-applied data filter is overlaying the entire use?

For example, having a login that is for

...

Qos - Rewrite DSCP field

Hi all,

Can PAN (i've got a pan 500)rewrite the DSCP field for some type of traffic(by Policy-Based routing or any way of doing this)?

Indeed i need to rewrite the dscp field of any RADIUS traffic on ef to make it appears on the WAN as a high priority

...

Resolved! Copy Policy Between VSYS

We are getting ready to start using multiple VSYS on our PA. Want to find out if there is a way to move or copy policy and objects from one VSYS to another?

We have many policies in our original VSYS1 and want to move those policies and objects into t

...

Block Botnet Traffic

Hi All; Is there now or will there be a way to block botnet traffic based on thresholds. A few customers have fireeye and are looking for the same type of heuristic detection and blocking.

Is there a way we can block unknown (Zero Day) botnets using

...

Resolved! playboy.com and dropbox.com categorized as "unknown"

I just realized that playboy.com and dropbox.com are being catergorized as "unknown". "Unknown" has been set to alert only, and not block. I have no idea how long it has been like this, or what other sites may be doing the same thing. I'm on URL F

...

Resolved! Email notification of updates

At present I receive updates for threats, AV, etc. Can I also be added to the list to receive notifications for OS upgrades.

increase of max report size beyond 500?

Hello, I wanted to check the status of my status request to have the max report size increased beyond 500 entires. Is there any update as to when this might be available?

Panorama Connectivity issues

We are having issues getting the devices to connect to the Panorama

The devices (PA4020-3.1.8) connected successfully to the Panorama and then disconnected. The logs on the device do not show any new attempt to connect. I am able to telnet port 3978 o

...

Resolved! Deploying NetConnect 1.3 via group policy

This issue is with Windows 7 and Windows XP SP3.

I created 2 group policies to deploy the Installersetup.msi package and the Pansetup.msi package. The software is assigned to the computer. They both are listed as installed under Applications and the

...

Speech bubble, incorrect config

What does it mean when you have a speech bubble against a NAT or security rule, incorrectly configured ?

Policy - Tag Column

Hi - does anyone know what the maxium number of Tags that can created for use in the Tag column in the Policy tab?

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

How and Why to Accept a Solution to Your Post

Cannot Ping

DHCP Not releasing IP addresses

Intermittent User-ID with eDirectory

Resolved! DNS Proxy - Can I use it to resolve all outbound

Restricting data accessible by admin user/group for ACC/Monitor etc

Qos - Rewrite DSCP field

Resolved! Copy Policy Between VSYS

Block Botnet Traffic

Resolved! playboy.com and dropbox.com categorized as "unknown"

Resolved! Email notification of updates

increase of max report size beyond 500?

Panorama Connectivity issues

Resolved! Deploying NetConnect 1.3 via group policy

Speech bubble, incorrect config

Policy - Tag Column

best practice assessment option is not showing in paloalto customer portal

change default static route

Monitor Logs - filtering with wildcard?

GlobalProtect Automatic Update screenshot?

CLI Arp table result

Re: What is still missing or needs to be improved in PA Next Generation Firewalls ?

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Failed to update content package

Re: Solution for "SSL decryption bypass for Anydesk"

Re: Error installing dynamic update Apps

Unlock your full community experience!

Resolved! DNS Proxy - Can I use it to resolve all outbound

Resolved! Copy Policy Between VSYS

Resolved! playboy.com and dropbox.com categorized as "unknown"

Resolved! Email notification of updates

Resolved! Deploying NetConnect 1.3 via group policy