General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

A way to correlate the logs for DNS Sinkhole?

Dear and valuable Live Community Members, One of our customers came to us with some questions in regard to the issues he is facing to correlate the logs for DNS Sinkhole, and we are wondering if there is a solution to it. The customer currently has the following situation: • Rule ‘DNS_Service’: this rule will allow DNS traffic from the FSMA I...

RMA replacement

Hi All, We will be doing an RMA replacement for a PA-3220. The faulty unit cannot be accessed anymore from the GUI or CLI and it's managed from Panorama. We only have the backup configuration and not the device state. So, what should we do? 1) Do we replace the faulty unit with the new one, configure the HA with the active unit and replace the S/N in the firew...

Momoj by L2 Linker
  • 6399 Views
  • 13 replies
  • 0 Likes

Public Cloud Server certificate validation failed. Dest Addr panos.wildfire.paloaltonetworks.com

We received the following alert:
-----
domain: 1...
eventid: tls-X509-validation-failed
object:
fmt: 0
id: 0
module: general
severity: high
opaque: Public Cloud Server certificate validation failed. Dest Addr: panos.wildfire.paloaltonetworks.com, Reason: unable to get local issuer certificate
We don't use decryption policy. We need assistance to resolve this...

Mt_103 by L2 Linker
  • 8975 Views
  • 2 replies
  • 2 Likes

RFC1918

Basic trust to untrust policy. I see internal addresses sending SNMP to addresses like 10.0.0.1, 192.168.1.x. Do people create a policy to block internal traffic going to RFC1918 on the untrusted interface?

Using Radius Authentication Peap-MSCHAPv2 for PA Management Interface Error: 400

Hi Guys, I was trying to add Peap-MSchapV2 for our Radius Authentication for the Management Interface. I configured a Radius Server Profile with PAP with Windows NPS, and everything seems to be working fine. Then I generated a new Certificate Signing Request, had it signed by the organisation's CA server, and downloaded the intermediate certificate etc and u...

MangLai by L0 Member
  • 3753 Views
  • 2 replies
  • 0 Likes

How to set 2FA to local superuser

Prerequisites: Currently, user has two admin accounts:
  • Default local admin account (Superuser)
  • New local admin account synchronized with Cisco Duo (Superuser)
End user has to consider how to treat “Default local admin account”. As a result of consideration, the following items are the options to deal with it: Option1: To make “Default local admi...

Config Change Tracking

Looking for suggestions of how others track config changes: who made the change and what changed; similar to config audit but for every change made over time. The goal is training and accountability. I’m aware of Rancid, which may or may not work as it’s intended for Cisco configs, and looks to only provide diff output. Syslog is an option but...

MS-SQL Issues with 8656-7766 Dynamic Update? Citrix-Director seems to have broken it

So, this morning, all going swell. P1. Hm, okay. Looks like an application issue, SQL related. Nothing on the firewall or policies were touched. The policy is using Layer 7 App-ID MS-SQL to get a server to communicate with the MSSQL server over TCP-1433. At the end of the day I had an idea to remove protect profiles and drop from Layer7 to L...

SpiroKU by L1 Bithead
  • 3489 Views
  • 3 replies
  • 0 Likes

No "Apps Seen" / Policy Optimizer data on Panorama

Hi, We have a new deployment of Panorama using Datalake storage. Log data from the firewalls is successfully coming through to Panorama, however, there is no "Apps Seen" or info shown for apps under Policy Optimizer. Rule Usage data is available, and the app data is shown correctly on the local firewalls. Setup > Management > Policy Ruleba...

SARowe_NZ by L3 Networker
  • 5198 Views
  • 4 replies
  • 0 Likes

Management interface dropping packets

Hi, My monitoring system is detecting packet loss on my panorama device. When pinging the DG there is no packet loss. When checked the interface stats on the cli I can see the below.
admin@MANPANORAMA01(primary-active)> show interface management
-------------------------------------------------------------------------------
Name: Management ...

Is the IP on any EDL?

Is there any place that I can put in an IP address and see if it is on an external dynamic list somewhere? Going to this site: https://docs.paloaltonetworks.com/resources/edl-hosting-service and clicking around hoping to hit the right one (such as Azure > Public Cloud) and then having to go through each CIDR is brutal and time consuming.

How to implement BGP and eBGP on Palo

Hi, I am migrating WatchGuard to Palo and there seems to be a lot more configuration options on the Palo. WatchGuard configuration is below. What is the best way to configure this within Palo? Where is the option to set default-originate?
router bgp 64801
bgp router-id 169.254.3.3
timers bgp 4 12
neighbor 10.200.34.2 remote-as 64601
neighbor 10...

Resolved! Internet/Download speed is less or frozen when traffic is passing through 440 FW

Hi Guys. Recently we changed the slow internet provider to a faster one with 100/100 (up/download). It was changed on the same interface of the FW (Eth1/2 - same for the old and the new service provider). Ever since the change, the download is intermittent or the download freezes. Below is the detail session view of the session when the downloa...

Pras by L4 Transporter
  • 8334 Views
  • 5 replies
  • 0 Likes

What expression to use to block/permit an entire website?

I'm having trouble figuring out what expression to use (in a Custom URL Category) to match any variation of HTTP requests for an entire website. For example, I want a single expression to be able to match/block/permit the following HTTP requests... example.com/ example.com/path abc.example.com/ abc.example.com/path xyz.abc.example.com/ xyc.abc....

jambulo by L4 Transporter
  • 1538 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions