This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Upgrade issues

Hello,I have a PA-500 device running on PanOS 3.1.4. I try to update it to last release PanOS 4.0.2. (Direct upgrade allowed following the RN)I have no Internet conection yet, also I would like to install it from a local file.I click "Upload", locate my software package PanOS_500-4.0.2 then I click "Install from File" and select my package from...

ldormond by L3 Networker
  • 6684 Views
  • 8 replies
  • 0 Likes

decrypted SSL traffic over Proxy since 3.1.10 slow

Hi folks,since upgrading to 3.1.10 is the ssl traffic (with decryption on the firewall) by squid proxy significant slower as without using a proxy. Not on all websites, but on some the browser needs up to 1 Minute to display the first page.I tried several squid options. Neither in the firewall nor in the proxy logs is any error or blocking annou...

mhuels by L3 Networker
  • 1990 Views
  • 1 replies
  • 0 Likes

Resolved! Creating Reports based on OU

Hello,I need to create custum raports regarding user web activities based on OU from our AD. Is it possible? And if yes how to do it?I was trying to create custum raport and then set user.src in our_ad/group, but it doesn't seems to work.Regards,Piotr Bratkowski

Resolved! User Report to create custom logo

Hi,When I query a custom report, I get Palo Alto log on all pages, I need to replace this logo by a custom company logo.Kindly advise how I can change this logo, so that the final PDF report generates the company specific custom logo.Rgds,Tauseef Ahmed.

ta185020 by Not applicable
  • 2446 Views
  • 1 replies
  • 0 Likes

Commit Failed: PAN-OS 3.1.5

Hi All,Have a PA-500 which is failing on a commit with the following:OperationCommitStatusCompletedResultFailedDetails device: No rule entry definedCommit failedHow can I troubleshoot this further, I am not sure what it would be refering to.ThanksMarc

Allowing the PAN to respond to tracert

I'm able to ping the interface and don't see any denies in the log, but when I traceroute through the PA-500 it does not respond.The rest of the hops do respond, just not the PAN itself.

bjdraw by Not applicable
  • 10032 Views
  • 5 replies
  • 0 Likes

User ID Agent

Hello- I am running PAN OS version 3.1.7. I am running a User ID agent on an application server within the domain but I am not getting complete user ID information in my traffic/threat logs. We have just upgraded to Windows 2008 R2 64 bit domain controllers. Should I install and configure the User agent directly on the DC's for better result...

Resolved! User names not showing in logs, but do show when writing rules

I have a PA500 running version 4.0.5 and a PAN-agent running 3.1.2AD. I see the pan-agent working and connected to the PA-500 when I run the "show user pan-agent statistics" it says I have hundreds of users and all my groups and IP's in the output of that command. However, when I go to monitor the traffic log or any log for that matter, no user...

mnwvpn by Not applicable
  • 4244 Views
  • 2 replies
  • 0 Likes

User-ID users not timing out

I only have a few users currently as this is a new deployment however the very few users I have do not seem to time out. I'm using the latest PAN agent on Win2008 R2.I have users still mapped who haven't been in the office for over 2 weeks. I have myself across about 6 IP's too. I also have mappings to users who are not here.My config is all de...

msnazel by L0 Member
  • 2857 Views
  • 2 replies
  • 0 Likes

Application is Incomplete

In the monitor log, what does it mean when it shows Incomplete under the Application?I am blocking incoming RDP and everything works fine (Action = Deny) as long as it sees it as MS-RDP or T.120 but I am seeing some traffic shown as Action = Allow on port 3389 when Application = Incomplete.How would I block take traffic?

rbrogdon by Not applicable
  • 10117 Views
  • 5 replies
  • 1 Likes

NAT Multiple external IP's to a single inside host

I'm trying to find documentation and/or any help to see if PAN firewalls are capable of NATing Two external IP's to a single host IP.My scenario:ISP1 204.23.123.123 ----------> Internal host 10.10.10.10ISP2 79.23.123.123I have tried searching documentation as well as contacting support and I have not received any...

Block doubleclick.net

Hello,I would like to block *.doubleclick.net because I am suspecting that it is the source of few spyware infections in our corporate network. Has anyone blocked this category of websites in the past? Is there a side effect if I block them (e.g. legitimate websites not loading etc).Kind regads,Andreas

Resolved! Panorama 4.0.5 Pushing Policy to 3.1.9

Confirmed with support that if Panorama is running 4.0.5 and a managed device is 3.1.9 policy will not Push to the remote device from Panorama. The workaround would be to downgrade Panorama to 4.0.4 which requires reboot and reindexing or upgrade remote device to 4.0.x As per the recent discussions of the data plan resets of the latter version...

opiedrah by L0 Member
  • 2698 Views
  • 1 replies
  • 0 Likes

Resolved! SSL VPN and TLS support

The NetConnect user authentication page does not load completely when the client browser (IE 8, for example) has TLS 1.1 / 1.2 enabled. Instead of the Name and Password prompt, you get a popup window with an empty white frame.I read a couple recent release notes and did a search in the KB, but couldn't find any reference. Is this is known prob...

nwallette by Not applicable
  • 3002 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks