General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1696 Views
  • 0 replies
  • 0 Likes

4.0.1 Unable to commit error "drop-packets is unexpected"

After upgrade from 3.1.7 to 4.0.1 and while attempting to configure the botnet reports; I tried to commit and recieved this error:

profiles -> spyware -> Spyware-Alert -> phone-home-detection -> custom -> 12656 -> action -> drop-packets is unexpected

I

...

b1989j by L1 Bithead
  • 2495 Views
  • 3 replies
  • 0 Likes

Custom App with Dynamic

If I have a custom application which uses default port as tcp/dynamic, and then on the application override policy, I define a TCP range, say 9400-9699, and configure a policy which allows this app, with service as 'application-default', what would b

...

bbivolaku by Not applicable
  • 2825 Views
  • 1 replies
  • 0 Likes

HA synchronization failures - what would cause?

Hi.

I have a pair of PA2050's in a HA configuration which run just fine - I've had successfull failover (for software upgrades) without issue.

Occasionally (once a week, maybe), I notice int he High Availability section of the dashboard the section tit

...

dagibbs by L4 Transporter
  • 3940 Views
  • 4 replies
  • 0 Likes

Resolved! IE9 breaks redirect to Case Management?

After upgrading to IE9 I can't seem to get properly redirected to the Case Management page from the general support langing page https://support.paloaltonetworks.com

Instead I get redirected to a page (on htps://na5.salesforce.com site) with this erro

...

KGC by L3 Networker
  • 2615 Views
  • 3 replies
  • 0 Likes

Identifying applications inside ssl without decrypting

We have a large amount of ssl traffic which we would like to better break out and identify for clearer reporting. For the most part this is inbound traffic destined to our public application servers, so we know what it is without decrypting it, but i

...

KGC by L3 Networker
  • 2505 Views
  • 1 replies
  • 0 Likes

Application vs Service

I have a server that I can create a rule with Applications (e.g web-browsing, ssl), but I also need to open up specific ports (e.g udp-20).  Do I need to create 2 separate rules (ie are the Application/Service fields an "and") or can I use 1 rule (Ap

...

bhelman by L2 Linker
  • 3135 Views
  • 2 replies
  • 0 Likes

Resolved! Permitted IP : Documentation wording

Hi,

In the version 4.0 admin guide , the description for permitted IP address in Device > Setup is as follows.

"Permitted IP Addresses Enter the IPv4 or IPv6 addresses of any external servers that are used to provide updates to the firewall through the

...

Resolved! PAN release 4.0 and NAT feature

Hi all,

With this new release, is it possible to define destination NAT rules based on source region criteria ? for example : ASIA => NAT1, Europe => NAT 2 and so on....

Thanks a lot.

bdaussin by L0 Member
  • 3409 Views
  • 4 replies
  • 0 Likes

Panorama Security policy & Filtering

I may be being a bit thick (entirely possible). But, when I'm in the security policy on Panorama (pre rules) i want to be able to filter only the particular rules that are on a particular target vsys. Currently I have 2 virtual systems on a single PA

...

fmd by L3 Networker
  • 1969 Views
  • 1 replies
  • 0 Likes

Auto-Lockout Panorama

Hi All; [SOLUTION PROVIDED]

I have a Panorama server I manage over VPN.  basically when two people login with the same account. The account gets locked. I didnt configure it this way it is somewhat unexpected.  Anyway, both users had chrome browsers a

...

amansour by L4 Transporter
  • 2720 Views
  • 1 replies
  • 0 Likes

LDAP - failed to create page control

Hi All,

Seen this in the ldapd.log file.

Has anyone come across this before ?

Mar 16 10:10:03 connected to ldap server ldap://172.17.23.132
Mar 16 10:10:03 ldap cfg LDAP Server connected to 172.17.23.132:389(index 0)
Mar 16 10:10:09 Warning: pan_ldap_s

...

Incomplete Packets after Service Applied

Hi There;

For some sessions like availability monitors and other systems that make connections over a port that has the "service http or service-https" applied in a policy, these will fail unless you allow any service to the host or create an applica

...

amansour by L4 Transporter
  • 2838 Views
  • 1 replies
  • 0 Likes

HSRP L2 Split Brain

Hi All;

Thought I'd post this for anyone who has the PA going through a cisco HSRP L2 at the perimeter.  Traffic is intermittent between the two firewalls if you leave the passvie device interface to "Auto" instead of "shutdown" in the passive state.

...

amansour by L4 Transporter
  • 3950 Views
  • 1 replies
  • 1 Likes
  • 24217 Posts
  • 117 Subscriptions
Top Liked Authors
Labels