General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

New LIVE AMA event, LIVEcommunity Team Roundtable!

If you are curious to know more about how the LIVEcommunity works, have a chance to chat with community team members, or ask a non-technical question? Now’s your chance! The floor is open for all you burning questions now through June 24. The LIVEcom...

jdelio by Community Team Member
  • 1 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Resolved! Best Practice - Blocking Applications at Certain times.

Greetings I am trying to find a Best Practice for blocking applications at certain times for a certain group of users. As i see it I create a policy for these users allowing them access to a few applications. now if i wanted to allow them acces to In...

Wykeham by L1 Bithead
  • 2 replies

PBF not working when ECMP is configured

HI I have two internet links and configured ECMP to do load balacing based on weight, Here I want to allow few users from my internal to specific desired destination based on my PBF to take my ISP2 path. But it is sometimes taking ISP 1 and sometimes...

Resolved! Threat False Positives?

Our threat logs are full of 'Fallout Exploit Kit Detection' this morning from many of our networks, although no actul issues have been found.


Ingress inconsistent Packet dropping

Hello, There are intermittently packet drops for the traffics destined to Internet from the trust zone. No deny log as the traffic cannot traverse through Palo Alto firewall so I can only see drop and receive logs not firewall and transmit logs from ...

Multiple GlobalProtect Gateways on same interface?

We recently (today) configured pre-logon VPN, but have come across what could be a show stopper. As its currently configured we have configured: Gateway > (gateway name) > Authentication > Certificate Profile > (a client cert signed by our infrastruc...

welly_59 by L3 Networker
  • 3 replies

HTTPS and SSH Traffic Is Not Working

Hello,I’m new to the Palo Alto community. I’m hoping someone would be able to help me with this problem we are having.We have a Palo Alto PA3060 firewall that has a Layer 3 interface configured with a sub-interface that is also Layer 3 and tagged wit...


GP VPN causing slowness

recently pushed out always-on vpn, but one site/office is reporting slowness when connected to it. The office is a managed office, so i have no control over their internal network. When VPN is disabled they are able to hit 600mb download/upload. As s...

welly_59 by L3 Networker
  • 3 replies

Resolved! Pre-Logon GP VPN

Ive read a number of guides, but for the life of me i cannot get pre-logon working. Is there an idiots guide to the required certs i need? Our clients already have a machine cert which we use for wifi authentication

welly_59 by L3 Networker
  • 1 replies

TCP or UDP timeout values for app-id

I want to know if there is a major impact on PAN firewalls/hardware CPU or disk space if I change the timeout values of certian app-id like stun or cisco-spark-audio-video, rtcp ? My cusotmer had an issue with Spark wherein the presentation & video s...

Resolved! Required permissions for Active Directory integration

Hello, I am trying to get AD authentication to work for GlobalProtect. I have been following this document for configuring the AD integration part, and it says: Before ...

Relevant Zone for an IP address in Vwire

Hi Experts, Could you please suggest how to find Relevant Zone for an IP addresses in V Wire mode. When configuring security policy, we need to mention the source and destination zone. We've PA firewalls only configured in Vwire with multiple zones. ...

Resolved! Application and Threat Update ----Decoder

need to confirm one thing below with application and threat updates when we see the decoder as DNS then we do need to check all the vulnerability and anti spyware in order to make what traffic is linked to DNS? In other words when i see the decoder a...

MP18 by Cyber Elite
  • 2 replies

Resolved! attacker and victim who is impacted?

under threat logs i see attacker and victim and also i see spyware signature attacker is source - dns server--- victim is -- appliance how can i verify who is impacted with this spyware? Mike

MP18 by Cyber Elite
  • 4 replies