This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

panorama scp export more command?

It is linked to equipment A, B, C, D in the panorama. I want to extract only the traffic log for equipment A. ↓ ↓ ↓ ↓ ↓ ↓ The above command extracts all A, B, C, D traffic logs. ↓ ↓ ↓ ↓ ↓ ↓ ↓ scp export log traffic start-time equal 2014/05/16@12:19:02 end-time equal 2014 /05/16@12:19:02 to goran@10.193.20.226:/home/goran/kb1.csv Can't ...

qmso475 by L3 Networker
  • 1331 Views
  • 1 replies
  • 0 Likes

[ICMP Covert Channel] Allow only ICMP Ping packet that has specific payload.

Dear all, I am using PA-8.0.0-ESXi virtual machine and I am trying to prevent covert channel communication using ICMP Payload. For example, as captured using Wireshark, the default ICMP type 8 (Echo request) for Windows machine is abcdefghijklmnopqrstuvwabcdefghi or \x 61 62 63 64 65 66 67 68 69 6a 6b 6c 6d 6e 6f 70 71 72 73 74 75 76 77 61 62 63...

hibagus by L2 Linker
  • 13725 Views
  • 15 replies
  • 1 Likes

block IP's in same zone

Is it possible or practical to block traffic between two server in the same firewall zone by designating the source IP from the server you want to block access to the server to the destination server indicated by IP

jdprovine by L4 Transporter
  • 17009 Views
  • 35 replies
  • 0 Likes

Discard UDP from Paloalto Session TImeout

  Hello all,Recently, customers are experiencing a phenomenon that Syslog traffic coming into the same source port remains in the Discarded Deny Session. As a result of my checking, it was confirmed that it occurred while being constantly refreshed due to Discard UDP Timeout in Paloalto Session Timeout setting.Discard UDP : Maximum length of tim...

Screenshot 2023-01-12 at 9.40.17 AM.png

PA440 not booting

Hi everyone, I have a problem after rebooting a PA440. The device simply puts a message on the console that no bootable media has been found and then shows a BIOS-like menu with several entries (boot manager, system setup etc.). However, if I select one of these entries, it asks me for a password - neither the serial number, MA1NT, admin nor the...

ad_hoe by L0 Member
  • 9025 Views
  • 3 replies
  • 0 Likes

Resolved! Listed amount & type memory for PA-850

Maybe I am missing something but my security group requires the memory amount and type used for hardware devices prior to admittance on classified networks. I don't see a confirmed type and amount in any of the documentation. Was wondering if this was available?

J.Luce by L0 Member
  • 2612 Views
  • 2 replies
  • 0 Likes

Allowed sites not loading correctly

I am new to Palo Alto Firewalls so I am trying to figure this out. In our policy we have facebook allowed and it is not displaying the whole page. Am I missing something? Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company informati...

P-A 220 Firewall - Basics

I recently joined a company that has some P-A 220 firewalls. I have access but for now it's "read-only" whilst I am learning, I am trying to find my way around the GUI web interface but even looking up a device by MAC address doesn't seem obvious. Is there a end user guide or manual that might help me become familiar quicker with navigating ...

ibuildp by L1 Bithead
  • 4001 Views
  • 6 replies
  • 1 Likes

Device certificate is not renewing automatically

Hi all, hoping someone may be able to assist with an issue. We are seeing that every 3 months our PA device certificate is expiring which causes issues fetching updates from various cloud services (URL filtering, wildfire, update server etc). Upon renewing the device certificate manually using the OTP in the CSP, the process works and the ne...

Resolved! show url-cloud status - nothing returned

I am trying to get a basic url filtering profile setup. I have cloned the existing default listing I have applied the clone to my outbound policy Nothing is being blocked, I can get everywhere! My troubleshooting has then led me to the 'show url-cloud status' CLI command but this returns nothing, it simply appears to timeout after 20-30 seco...

WilliamD by L1 Bithead
  • 6451 Views
  • 2 replies
  • 0 Likes

URL Filtering - Counter Termism Internet Referral Unit (CTIRU)

Hi All. First post so hopefully in the right place. We are using our 3220s for url filtering in our school. I have been asked to check if our filtering is including content from the UK CTIRU database. We make use of the Extremism category as part of our filtering, however I cannot find any information to say one way or the other if the content...

Resolved! What is "FIPS failure. Power-On Integrity Self Test Failure (FS)"?

My customers are facing critical issue when he upgrades firmware.One customer is using VM-100, when he upgrades from 8.1.0 to 8.1.10 and reboot the device, he sees this issue.Another customer is using PA-500, when he upgrades from 8.1.0 to 8.1.9-h4 and reboot the device, he sees this issue.Both customers upgrades from 7.1.x and 8.0.x, and all st...

Image 001.png
emr_1 by L5 Sessionator
  • 28066 Views
  • 8 replies
  • 1 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks