General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4451 Views
  • 0 replies
  • 0 Likes

Resolved! Threat Intelligence shows malicious traffic coming from Palo Alto subnets

Hello All, Recently, we started seeing threat events from different Palo Alto IPs (example subnet 198.235.x.x). When we check them in AbuseIPDB, they show up as 100% malicious: https://www.abuseipdb.com/check/198.235.24.146 Microsoft TI also categorizes them as malicious, but not the PA FWs. Does anyone know what these subnets are used for or ...

Non-RFC Compliant DNS Traffic on Port 53/5353

Hi, Continuously receiving vulnerability threat events (Non-RFC Compliant DNS Traffic on Port 53/5353(56538)) from the same source IP towards our PA public IP addresses. The source is also clean and belongs to Vodafone ISP. I could not find any other trace to resolve the issue. Please assist how I can proceed to resolve it. What action I ...

The 2034-24 Cyber Elite Program Is Here!

LIVEcommunity is pleased to announce the 2023-24 Cyber Elite Program! Cyber Elite members are LIVEcommunity super-users and cybersecurity experts who are generous in sharing their insights and expertise to help others in LIVEcommunity. Want to know how to tell who is a Cyber Elite expert? Look for the Cyber Elite trophy icon next to a user...

jforsythe by Community Team Member
  • 2033 Views
  • 1 replies
  • 3 Likes

SSL Decryption Certificate Self-Signed vs Public Trusted CA

Hi, I searched and read a lot about it, but the more I read the more I get confused. I would appreciate it if someone could explain to me the difference between self-signed and public trusted certificates for SSL Decryption. As I understand, I need to import it into endpoint machines anyway to make decryption work. Then what is the point of public trust...

Shahlar by L1 Bithead
  • 23801 Views
  • 12 replies
  • 0 Likes

Resolved! Panorama vm running slower and slower until stuck

Hi, The issue on Panorama has been there for a long time. Can anyone help to resolve it? When a Panorama VM is created on eve-ng on ESXi, its speed is very slow and it even stops or gets stuck there. I found the slowness is related to the memory and storage size available, because I can see the Panorama VM storage utilization become more and more until the storage is...

kevinospf by L3 Networker
  • 3334 Views
  • 2 replies
  • 0 Likes

How to know the process in a Firewall that generate Traffic

I have seen unusual traffic in the Firewall. A lot of sessions are generated from an interface (inside) to the IP Address 5.5.5.5 to the outside interface. I would like to know what process or reason caused the Firewall to generate this traffic. I check the NAT Route and I don't have to configure something like that. I am a little bit worr...

Issues without using Proxy IDs on IPSEC tunnel

We are running into issues with VPN when we chose not to use PROXY ids between two PA firewalls. We see it works fine when we add the proxy ids, but we shouldn't need to if both of them are Palo Alto, isn't it? We see phase 2 keeps failing and the tunnel would not come up. "IKE phase-2 negotiation failed when processing proxy ID. Cannot find mat...

GLOBALPROTECT split navigation

Hi everyone. Currently I have a request. When a VPN user is accessing through GlobalProtect, it is necessary to fulfill two things: If the device is corporate (domain) he can use the enterprise internet resource. But when the device is personal he must navigate with their own personal internet resources. Can I reach this with HIP profile and split...

apazmino by L1 Bithead
  • 2130 Views
  • 3 replies
  • 0 Likes

VPN Proxies

I have a VPN tunnel, which is up and running. I have two proxyIDs in the tunnel with the same local address but different remote addresses. I can only get one proxy to connect. For example, I currently have proxyID1 connected and can ping the other side. In the CLI, if I type test VPN ipsec-sa tunnel tunnel-name-proxyID2. It does not come up. I ...

perton by L0 Member
  • 1436 Views
  • 2 replies
  • 0 Likes

TS User-ID and FSSO in the same server

Good morning. Reviewing the documentation of Palo Alto and Fortinet, I see that they use the same internal ports for FSSO and for User-ID. To rule it out completely, I wanted to know if you could configure FSSO and User-ID on the same server and have them working simultaneously.

review cached URL continue challenge entries

Hi Guys, according to the article below, URL entries are cached for users per category. Is it possible to check cached entries per user/URL/category to see the current state? Continue Action in URL filtering not working as expected Thanks,

jogyulas by L0 Member
  • 1394 Views
  • 1 replies
  • 0 Likes

Palo alto panorama - Any advice on how we can deal with old logs?

We would like to migrate logs from M100 to M200 – Could you please advise how to proceed? M100 has 4x2 disks M200 has 2x2 disks M-100 appliance to an M-200 or M-600 appliance- I understood this from the below URL. Kindly correct if any change Log migration is not supported. The M-100 appliance logging disk form factor is not supported on the M...

  • 24376 Posts
  • 124 Subscriptions