This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4450 Views
  • 0 replies
  • 0 Likes

Blocking ChatGTP

Hi Guys, @BPry @kiwi How do you go an blocking ChatGTP ? Seems like has not been defined in the list of apps yet (applipedia) Thanks, Pkarki

Pras by L4 Transporter
  • 17230 Views
  • 5 replies
  • 1 Likes

Resolved! security policy in monitor mode only

Hi, This is a new Palo Alto deployment. We used to have Cisco FTD as IPS and now we are replacing with Palo Alto. We have 3 devices (router and SDWAN) that we configured using vwire so all traffic to the DC would pass through the Palo Alto inspection as IPS. I would like to deploy the security profiles/group (vulnerability/antivirus/spywar...

ismailsh by L1 Bithead
  • 4278 Views
  • 3 replies
  • 0 Likes

API - Fetching URLs from Custom URL object

Hi all, we have a Custom URL category object, WL-URLS, which contains a number of URLs for a whitelist policy. I am looking to find some information on how to go about retrieving the URLs from this object via the XML API. My preference is the XML API as I am working with the Python PAN-XAPI library, however I'm struggling to find what I'm look...

365 tenant restrictions problem with office365-enterprise-access

Noticed that a few of our enterprise logins that were previously identified as "office365-enterprise-access" are now being identified as "ms-office365-base". I've found an article explaining some of the issues. I know that this was working flawlessly about 2 years ago, but something must have changed with MS or with palos enterprise access ap...

Sec101 by L4 Transporter
  • 3597 Views
  • 1 replies
  • 0 Likes

GlobalProtect and multiple AAD tenants

Hello - We've set up a GlobalProtect portal and gateway to connect third-party individuals to our VPN. We've configured it to use SAML for authentication, leveraging an Azure Active Directory Enterprise Application that we have configured per the Microsoft guide (https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/palo-alto-netw...

Entries in User-ID table show info pushed from XMLAPI never timeout

Hi guys,My customer previously used XMLAPI to push User-ID info to Palo Alto but they now have an Aruba Clearpass appliance which will be handling all User-ID information via Syslog.Due to software issues they cannot currently use XMLAPI between Clearpass and Palo Alto as the system has multiple vsys. Now the issue is that there are a lot of ent...

MelLi by L2 Linker
  • 8189 Views
  • 6 replies
  • 0 Likes

Resolved! New Anti-Spyware Signatures, false positives?

Hello, The latest application and threat content update this week added a couple of new anti-spyware signatures: medium 86759 AndroxGh0st Scanning Traffic Detection spyware alert medium 86760 AndroxGh0st Scanning Traffic Detection spyware alert These are being described as python malware exploiting your aws keys t...

axemte by L0 Member
  • 7593 Views
  • 1 replies
  • 0 Likes

Resolved! Certificate based Site to Site VPN (IKEv2)

Hello Folks, I am trying to build a site to site vpn between a Palo Alto firewall running 8.1.7 and a Checkpoint firewall. Settings are configured to use IKEv2 only with certificate based authentication. While the logs below are from lab setup, but the actual client problem are the same. PA and Checkpoint firewall certificates are signed by the ...

Udupi by L1 Bithead
  • 30759 Views
  • 12 replies
  • 1 Likes

SSL Inspection and SSL Labs

Outside of minimum and maximum supported tls versions and ciphers what are some things to look for on SSL Labs that would be breaking decryption. In the Palo decryption logs if it shows error "Early close notify" what would be something to look for as the root cause?

Claw4609 by L5 Sessionator
  • 6153 Views
  • 7 replies
  • 0 Likes

GP Compatibility on Windows Server

Hello, everyone. Does anyone know if you can install the Global Protect agent, on Windows servers, such as 2012, 2016, 2019???? Is there a documentation that tells me and confirms this? I see in the Palo Alto Firewall, that the computer does not give me the option to select a HIP OBJECT criteria, based on OS for example, for the Windows Servers,...

Matlu_NN by L2 Linker
  • 6111 Views
  • 6 replies
  • 0 Likes

Resolved! Is PA capable to scan for malware in Activesync/Outlook365 traffic?

Hi, We have PA-850 appliances with Wildfire and AV licenses. Recently we enabled the decryption of email traffic and now we are dealing with the data protection officer, he is asking us to detail what exactly is being inspected. At first I thought all attachments and URL were inspected. But then I found some information about link analysis only...

SSL decryption - How to deal with third party sites that don't install the intermediate certificate?

I turned on TLS (let's start calling it what it is) decryption for our IT personnel only a couple of years ago. It was considered a pilot and I always planned to work with our legal department to craft a policy and start rolling it out to the broader organization; however, it seems like every time I get ready to do that, one of our IT users rep...

Next Hop in default route using DHCP Comcast modem

Hello Group, I am setting up a PA-200 in my SOHO with comcast as my ISP. I have comcast for my isp and am using DHCP to optain my IP address. My question is this. Per the setup guide, if I check DHCP under the IPV4 tab, and check, Automatically create default route pointing to default gateway provided by server. Am I to assume this will creat...

BryanMay by L1 Bithead
  • 7408 Views
  • 5 replies
  • 0 Likes
  • 24376 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks