This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

APP vs URL

Despite the fact that I've blocked *.logmein.com and the logmein application, I'm still seeing traffic permitted to logmein.com. On inspecting the traffic log details, I can see that the traffic is being identified in 2 ways:06/21 13:07:59 THREAT url ssl block-url URL Default Severity: informational Category: Blocked sites URL: *.app03-10....

robert.b by L1 Bithead
  • 2851 Views
  • 1 replies
  • 0 Likes

Resolved! Spyware Download Tab

Setting up new PA2020. Have upgraded to 3.1.2. In looking at SpyWare profiles, I am not seeing a Download Tab. I only see a PhoneHome Protection and an Exception Tab. What am I missing?

Allowing a subnet complete internet access but logging their traffic

Hi ya'll,Background: We have a seperate Vlan that we call "Raw Internet" with no filtering. This is used by our helpdesk staff. Which means they have open access to Internet and nothing is being blocked.Currently we purchased Palo Alto and I was wondering what would be the best way to do this. Meaning, giving them full access to internet yet...

casdc1pa by Not applicable
  • 4074 Views
  • 2 replies
  • 0 Likes

VLAN and Routing

Hi Guys,I have an issue.I have a PAN-500, I am using 3 interfaces: et1/4 is L3-Untrust, et1/3 is L3-Trust and et1/2 is L3-Trust.ET1/4 has the public IP.ET1/3 = 192.168.0.254/22ET1/2 has 8 sub interfaces, each subinterface has its own IP addressing and belongs to differnet VLANs.et1/2.1 192.168.9.0/26 TAG 30et1/2.2 192.168.9.64/26 TAG 31et1/2.3 1...

Resolved! Getting SSL-VPN clients to see internal servers

I am fairly new to configuring VPN's. I configured SSL-VPN using the wonderful guides found on this site and was able to log in with no problems. With the VPN active all of my traffic was routing out through my PaloAlto device perfectly I could surf the net all day with my traffic through the company IP address. When I try to talk to the servers...

Packet Capture Question

Hey folks,I'd like capture a particular traffic stream for analysis. I see how you can capure a packet trace as part of a Vulnerability Protection profile, but this particular traffic is not seen as a vulnerability or threat (i.e. it's not showing up in the threat log).Is there a way to create policy, defining the stream, and capturing a packet...

User Activity Report

Hey folks,Just installed my first PAN firewall - after running an eval unit for about a month. Loving it so far, but still learning...First question for this board - hope it's not a dumb one.We're running 3.0.9 and pan-agent and that seems to be working fine. In Traffic log and URL Filtering log user ID seems to be working fine. The problem I'...

Resolved! Vsystems With HA( Active/Passive)

Question :Please refer the attached Diagram. /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-ma...

roshithw by Not applicable
  • 4283 Views
  • 2 replies
  • 0 Likes

QoS Question - per session or aggregate?

I am applying an application filter to a QoS class, and then limiting the maximum egress bandwidth to that class. The idea here is to prevent streaming media from consuming excessive bandwidth.My question is, is this maximum egress bandwidth an aggregate of all sessions assigned to the class, or is it per session?Thanks,Grant------------------

QoS in TAP configuration

Hi All,Is it possible to use QoS and Realtime bandwidth monitoring capabilities, while in a TAP only configuration?Cheers, SteveR

KatanaNZ by L3 Networker
  • 3269 Views
  • 1 replies
  • 0 Likes

Lost Newbie - TAP Interface

We bought a PA-500 just to start kicking the tires. I was ready to see a Juniper style GUI but was quickly lost in the PA Interface. Here is what I am looking to do, maybe someone can give me a quick list of configuration steps.All we want to do is to see the traffic for now. It would be nice if we could do the LDAP Integration to see who is doi...

jickfoo by Not applicable
  • 3033 Views
  • 2 replies
  • 0 Likes

VeriSign VIP Authentication Service

Does PAN OS 3.1.2 support VeriSign's VIP Authentication Service for the SSL VPN connection? We are looking at setting up two-factor authentication for our VPN clients.http://www.verisign.com/authentication/two-factor-authentication/vip-authentication/index.html

mharding by L4 Transporter
  • 3412 Views
  • 2 replies
  • 0 Likes

Communication Problem between Lan and DMZ

Hi, We have PAN 500 device with us..deployed in L3 mode.Lan and DMZ communication is happening only if i have NAT rule in place with the destination zone and interface mentioned (but no natting be done)between them.Do we really require a NAT rule in place for achieving this.I guess this doesn't require.We have tested with all OS and models.Anyon...

Missing data in TRAFFIC logs

HiPANOS ver: 3.0.5Device: PA-2020Exported traffic logs contains information about which protocol is used, however if the protocol is ICMP the type and code is not displayed. I a specific case im looking at right now both application and protocol is icmp which makes it hard to know if its a echo request or something else...

u2521 by Not applicable
  • 2768 Views
  • 1 replies
  • 0 Likes

Missing fields in URL log

HiPANOS ver: 3.0.5Device: PA-2020Did some exports of the sublogtype: URL and got the following columns/fields:Domain,Receive Time,Serial #,Type,Threat/Content Type,Config Version,Generate Time,Source address,Destination address,NAT Source IP,NAT Destination IP,Rule,Source User,Destination User,Application,Virtual System,Source Zone,Destination Z...

u2521 by Not applicable
  • 3045 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks