This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! some CLI command

One requirment is : infos need come from CLI ( not GUI) , PLs advise :1. We can view all admin-accout infos (name,role etc.) in GUI Device->Administrators , what's CLI cmd could show these list ?2. Web console or CLI console login timeout value --how to show and set ? 3. SNMP setting show ?ThanksJeff

JeffJin by L2 Linker
  • 3375 Views
  • 3 replies
  • 0 Likes

dns-proxy static entry lost

I've got a PA-5050 running version 4.0.6.I'm using the dns-proxy to resolve a single address from my wireless guest network access. It works fine for days, then sometimes just stops working.Under Network >> DNS Proxy the entry is listed and enabled, however; doing ' show dns-proxy static-entries all' shows the list as blank.(active)> s...

turnerr4 by L0 Member
  • 2004 Views
  • 1 replies
  • 0 Likes

H.225 Content Inspection

I am having a problem with VOIP communications passing through my PA-4020's. The PA is recognising the H.225 application, however it would appear that the content inspection is not translating the IP addresses within the application payload, I do have a NAT rule setup for the IP address in question.Specifically I am talking about H.225 registra...

debsPal0 by Not applicable
  • 3346 Views
  • 1 replies
  • 1 Likes

Edinburgh - pbf + zone lookup snafus

Hi,I'm seeing the following.Consider:- two existing Internet lines, put in zones "I-1" and "I-2"- there are two L3 interfaces, one in I-1 with address PA-1, one in I-2 with address PA-2- the default route goes to a router reachable in I-2- there's a PBF policy to forward everything to a router in I-1There are two destination NATs:- from zone I-1...

Commit failed due to Application update

After an auto update of application we can't do a commit with out explanation on the commit page.We discover that when we do a revert of application the commit is ok so we put off the auto update but we want it back.How could we solve this problem ? Could it be possible to know which policy or application is concerned ?Regards

support by L1 Bithead
  • 4222 Views
  • 4 replies
  • 0 Likes

SNMP V3 Configuration

I notice that there is no example or detail descriptions for configuration of SNMPv3. Here is my configuration which works but I never got the include/exclude mask to work. If someone else have an example or recommendations please upload.set deviceconfig system snmp-setting access-setting version v3 views <snmpview> view <snmpview-oid...

blacksan by L1 Bithead
  • 5835 Views
  • 1 replies
  • 0 Likes

CPU

I would like to know that If I observe from Throughput and Session is not exceed the maximum number that box can support. What cause that may make CPU performance overload? Please kindly share idea.Note. My box is PA2050. Thoughput is around 400Mbps and Active session is 65,000.

New PA Purchase - Rules question and any tips?

Recently purchased a PA2020 to replace our Cisco PIX 525. I'm in the process of auditing our cisco config and recreating it in the PA.I'm looking for suggestions on how to allow applications inside to outside and outside to inside.I only have two zones setup. inside-trust & outside-untrustCan I just create one rule to allow skype that list...

How do I use the query feature of the CLI show log traffic command?

I'm trying to perform a complex log export operation from the command line, as the web GUI seems to be drastically underpowered and slow to respond (hours to see, longer to export in CSV), and from the command line I can't perform queries using terms to extract data in a date range, or figure out how to do that.Ideally, I'd love to execure the q...

jsilvia by Not applicable
  • 15507 Views
  • 5 replies
  • 0 Likes

SSL VPN users unable to access the internet though Palo

Hi I have setup SSL VPN and its been in use for a few weeks without any issue with the exception of one minor annoyance.I have been unable to get the SSL VPN users to be able to see the internet when connected. 1) The access route is set to 0.0.0.0/0 to force all traffic back though the Palo Alto. I don’t want users getting internet...

IPS functionality testing

We are looking to do a live demo of PAN devices to some leads . Does anybody have tool we can use to demonstrate the IPS functionality in real time .Putting the box through a wide range of attacks . App ID is pretty easy but Checkpoint now does application visibility . I have heard about metaploit . I havent seen a windows version u could easil...

usvi by L3 Networker
  • 2976 Views
  • 1 replies
  • 0 Likes

Resolved! Commit Failed (HA active-passive)

Hi, Commit on customer PA500 Cluster running in Active-Passive mode on PANOS 3.1.6Details device: Client device registered in the middle of a commit. Aborting current commit.Commit failedsystem log:Receive Time Type Severity Object Event Description10/26 13:54:20 general high general Commit job fa...

Resolved! Block Outbound SSTP (Secure Socket Tunneling Protocol)

Is there a timeline when the ability to block SSTP outbound will become available or is it possible now?Microsoft's latest and greatest is surely a hole that it would seem most don't want in their environment.Any insight would be greatly appreciated... thus far it seems that only TMG (Threat Management Gateway) can block SSTP short of blocking a...

micit by L1 Bithead
  • 4299 Views
  • 3 replies
  • 0 Likes

Resolved! User-ID Agent for Active Directory won't transfer mappings

Hello-I have a new PA500 (running 4.0.4) that I've set up and am now trying to tie to Active Directory in order to create user-based policies. I have everything configured to my knowledge, but I'm not getting any user-IP mappings on the firewall.I installed what I believe to be the latest AD agent, 3.1.2 (filename PanAgent-3.1.2.msi), on my se...

Resolved! Data Filtering by Name

In "monitor" --> "Data Filter" is there a way to filter by name? The name shows things like zip and rar and filtering by this automatically would be very useful. Or is this available in a feature-set beyond 4.0.1?Also, the release notes for 4.0.5 link appears broken, or otherwise unavailable. Is this going to be available again sometime i...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks