This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

Resolved! Negate Deny Rule

Hi All, I have a negate rule on the firewall Souce Address - 10.1.1.1(Negate) Destination Address- Any Service- https Action- Deny Does it mean that it will allow 10.1.1.1 and deny everything or does it mean that it will deny everything and then I need to create an accept rule to allow 10.1.1.1. Will 10.1.1.1 be allowed through this negate...

Ujbal89 by L0 Member
  • 1550 Views
  • 1 replies
  • 0 Likes

Resolved! Secure Renegotiation in PANOS 9x?

I'm seeing some posts stating that Secure Renegotiation is not supported on the Palo Alto platform. Is this still true for the latest release, v9.x? If so, how is it enabled?

Personal VPN Services thwarting Company Policies

Downstream of our PAN's, we have our Citrix environment. This environment includes some Netscalers that have a nice feature in that they provide in their SYSLOG, two fields named "ClientIP" and "NATIP". This proves quite useful in that while the ClientIP field geolocates to a local Boston IP address, the NATIP address shows they are coming in...

Jaragorn by L1 Bithead
  • 6724 Views
  • 16 replies
  • 0 Likes

Resolved! EDL problem

Hi,I find this error: EDL(my list) Entry not referenced by a rule.What does it mean? How can I resolve it?

s_quasar by L3 Networker
  • 26854 Views
  • 18 replies
  • 0 Likes

Never Stop Learning - Palo Alto Networks’ NEW Education Services Offerings

The NEW Education Services Pages have been updated to a highly interactive section on the LIVEcommunity. You can find out more about expanding your skills and knowledge through Palo Alto Networks’ world-class education and certification programs. By enabling our community members to receive up-to-the-moment and constantly refreshed educatio...

jennaqualls by Community Team Member
  • 6916 Views
  • 3 replies
  • 2 Likes

Detect Unknowed device

There is a functioning access point TP-Link EAP225.Cannot be managed from connected devices.We know MAC Address because present on a label.Is on a unknowed subnet.But this device use gateway with Palo Alto.We don't know IP (we have try all usal IPs).We have try some porscan, verify with Wireshark but without result.I have try tu access to Paolo ...

configuration change used to be pushed to firewall

Hi Configuration change in template/stack used to be pushed to the firewall from panorama. but now after some change(creating new zone etc) made on template is pushed to the firewall, the change cannot be seen at the firewall again. so the configuration not be pushed to the firewall. Palo alto firewall is connected to panorama normally and it sh...

kevinospf_0-1694620407770.png
kevinospf by L3 Networker
  • 3718 Views
  • 8 replies
  • 0 Likes

submit error message when remove DG

Hi Device group is created in panorama. but when I want to remove all of Device goup and submit, I got the error message. Since it is invalid command, why it cannot be removed? Please see the below. Thanks

kevinospf_0-1695089104872.png
kevinospf by L3 Networker
  • 1104 Views
  • 1 replies
  • 0 Likes

I want to block PotatoVPN ( Threat ID 86751 )

I want to be able to block PotatoVPN Traffic. I am successful in most of my other VPN threat hunting safaris but this one is fairly new and my current rules don't capture this little guy. Has someone out there created a policy that successfully blocks potatovpn. Can I create a policy rule simply off of the identified threatID of potatovpn wh...

Resolved! VPN traffic capture

Hello, I need to capture what passes through a VPN site-to-site tunnel. I'd like to see the tunnel and not the ESP.With tcpdump you can use the command "tcpdump -i enc0" which decrypts the ESP.On Palo Alto, what is the equivalent command? Because with view-pcap follow yes filter-pcap <filename> I can only see the ESP.Thanks

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks