General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

jdelio by Community Team Member
  • 1 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Resolved! Do websites get rescanned once flagged as Malicious?

We are starting to see valid websites showing up as malicious due to them being hacked or for some other reason. Once the site is cleaned up however, is it up to someone in the Palo Alto community to request a URL Category change manually, or is ther...

"You have been logged out due to unknown reason"

Any idea what causes this or how to investigate it? I can see the event as "User Me logged out via Web from My_IP" in the System Monitor tab. Happens intermittently otherwise I'd look at this:

logged out.PNG

Block YouTube/Instagram Mobile app

Hello There, What is the best practice to block YouTube, Instagram for mobile apps? So far I tried to create an application base and custom URL policy to deny YouTube, Instagram. It works (deny access) if you access the site via HTTPS (Chrome, Firefo...

KurdTech by L1 Bithead
  • 5 replies

Why tcp aged-out?

Hi all,Our developers are connecting from Zone1 to Zone2 with tcp (on ports between 2000 and 3000)The tcp session timeout on firewall is 3 hours.The security policy allows any application, any port from Zone1 to Zone2. But there are all default secur...

Global protect Notification

Hi, When I connect global protect Gateway. Once is connected I received this notification.I have check the internet connectivity it's working fine. Can you please let me know how to avoid this notification


Resolved! Adding a 2nd ISP

I have been reading up and still trying to wrap my head around the exact setup I need. Current ISP1 - use for all LAN traffic out including IP phones. Use global protect also. Have external DNS setup so goes to this ip address. St...

Resolved! Disable weak cipher suites for SSL/TLS and SSH

Hi Team, I want to Disable weak cipher suites for SSL/TLS and SSH my question is, are the below commands correct ? Do I need to run below commands on Active and Passive firewalls separately ? I am using data port as management ( I do have dedicated m...

shafi021 by L2 Linker
  • 6 replies

GlobalProtect and RDP

Hi All, I have made a change to our GlobalProtect app config to cater for RDP connections by amending the "User Switch Tunnel Rename Timeout" value to 60 seconds. I was hoping to be able to confirm this setting had been applied to the GP clients via ...


Need help with logging in case of App-Id

Hi, I have below rule in my Palo Alto and another default rules which are Intra-zone and Inter-zone.Source: Zone: TrustDestination: AnyDestination Zone: UntrustApplication: ssl, web-browsing, dns, Facebook-base, YouTube-base, etcServ...

Resolved! opcmdhistory log missing in PanOS9.1

I noticed that the “opcmdhistory” log disappeared in Panorama after upgrading to PanOS9.1. It was there in 9.0 and previous versions. Do you know why it changed and if the information is in another log file?I was using it for troubleshooting and dete...

batd2 by L3 Networker
  • 4 replies