This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Palo Alto firewall vs Web Proxy

Hi folks, I am trying to understand what references mean when mentioning Palo Alto firewall as a web proxy or any reference to it that way.I mean, from what I gather, the PA does not cache web requests like a web proxy product would, or rewrite URLs, or have other traditional web proxy type features. Unless I am wrong? Could it be that the term...

OMatlock by L4 Transporter
  • 23205 Views
  • 8 replies
  • 0 Likes

SDWAN Rouitng

2 ISP circuits added as SDWAN links You can not 0.0.0.0 / 0.0.0.0 route with the same metric of 10 This one is Metric 10 one is metric 15. How do you use both circuits?

Commit scope is unavailable when a full commit is required

Hi Team, Let's see if you can help me with this behavior, In Panorama 9.1.9 the following message is displayed when trying to commit: "Commit scope is unavailable when a full commit is required" I see that there is pending configuration to push the devices and I decide to "Push", not leaving pending to apply any configuration on the devices, ...

MS-ISAC TAXII Feeds

Is anyone successfully consuming TAXII feeds from MS-ISAC, specifically, their feeds from taxii-pilot.cisecurity.org? The miner shows success and there are log entries for indicators, but there are no indicators in the counters or graphs.    

2021-06-24 08_21_01-Clipboard.png
2021-06-24 08_22_31-Clipboard.png
2021-06-24 08_21_59-Clipboard.png
ngagne by L1 Bithead
  • 8559 Views
  • 8 replies
  • 0 Likes

Google meet/ hangout Stun servers aged-out

We have noticed an issue especially with Google Meet/Hangout when we often get one way audio. I can see from the traffic logs that Stun servers are showing aged out and the application is stun. However it is using a non standard port 19303 I suspect this is the cause of the issue. How can I ensure the traffic is correctly identified and al...

Capture Portal 403 error

Hey Live Community,I'm working on a project to have two zones on a vwire (one trust, and one lab). In order to get to the lab zone from the trust zone, I've created rules to only allow authenticated users to go through, and I've created my capture portal in accordance to their vwire documentation:Configuring Captive Portal in V-Wire (with RADIU...

How to disable cortex xdr on home computer

Hi, cortex xdr was instaled on my computer and now i dont have acces to my network, i tried everything but i cant disable cortex. can somebody help me to disable and uninstall this program?

TilenG by L0 Member
  • 31394 Views
  • 2 replies
  • 0 Likes

How to identify long live session(s) ?

Hello, I am trying to identify those long live sessions on my firewall, I mean those session(s) that never ended for weeks at a time. This is what I found out so far. 1. I can't export the whole session log to perform offline analysis,2, I did not find anything related to session start time as filter under show session all filter.3. ACC will...

Reverse Proxy

Can the PaloAlto do reverse proxy like ISA can?If I have an internal web server hosting multiple sites how do I publish that through the PaloAlto?

CRL with no internet

Hello, I have a 440 with no internet access. I could not find documentation on the proper way to update the CRL when my firewall does have access to the internet. Thanks for any help that I might be able to get with this.

Resolved! App Identification and ALLOW rule - does this make any sense?

Attached is a screenshot of a rule that is ALLOW'ing ICMP, IKE, IPSEC, PING. Can someone explain why SSL is in the APPS SEEN list? I don't see where any of these applications have an implicit allow for SSL/443 trafffic yet if I read this right it is saying it sees SSL and more importantly allows it here because it hasn't narrowed it down to wh...

Resolved! NAT

Hi Team, Is there any way to get a history of when NAT oversubscription dropped packets/sessions? Or can I only get realtime data on that?

vij by L1 Bithead
  • 1945 Views
  • 1 replies
  • 0 Likes
  • 24386 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks