This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4121 Views
  • 0 replies
  • 0 Likes

Log Forwarding

Hello everyone, Before the question, the context.I have a panorama wich managed a lot of devices groups. we have a lot of rules for them. Which all these rules uses the default profile for log forwarding.I have a new syslog server and i need to forward the logs from all the devices and not from panorama. I created the new syslog server and i man...

Maryan by L0 Member
  • 2904 Views
  • 3 replies
  • 0 Likes

Custom Vulnerability Signature to block older versions of Chrome

After reviewing this KB article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClSOCA0 It looks like you can create custom vulnerability signatures for named browsers. Could you also do that to limit browser access via a security policy based on a minimum version number? For example: create a vulnerability signature...

Match next line at cli

Is there a way to match the next "X" number of lines when piping to match at the cli?I am entering:show zone-protection zone outside | match udpand would like to show the matched line and the next three.This would be analogous to grep -A 3Cheers!

Resolved! Reconnaisance Protection - Action Alert

Hello,I configured zone protection, (reconnaissance protection), and enabled the tcp\udp port scan and host sweep and chose the default as action "alert".Afterwards, I noticed in the monitor logs this vulnerability appeared, "ZGrab Application Layer Scanner Detection". The severity is medium. Where do I change the action? I can change it in the ...

vp.JPG
vun2.JPG
roma by L2 Linker
  • 18771 Views
  • 5 replies
  • 0 Likes

Need example of Configure IPSec VPN with Source NAT

Hello, I'm attempting to setup a few remote sites to a Hub site all sites have a Palo Alto 3260 firewall. All remote sites have the same internal IPs and subnets on the Trusted side and I'm needing to connect all sites using a IPSEC VPN. I would like to Source NAT but cannot find the documentation to assist in setting this up using IPSEC. Als...

Issues when installing Cortex on Debian

Hello, Currently, we are installing the Cortex XDR agent on Debian servers. We have followed the steps as the documentation says. But, when the services are gonna be started it shows an error: "sbin/service: not found". All the services show "Stopped" status. If I check the "/opt/traps" directory and if I run the command "dpkg -l | grep corte...

Cortex XDR.png
iscott by L2 Linker
  • 4276 Views
  • 3 replies
  • 1 Likes

Resolved! How can I filter disabled rules in the 'policies'-tab

Hi,I am quite new with Palo Alto and I try to filter disabled rules, so that I only see the enabled rules. I know that a lot of syntax can be found in the monitoring tab, but since enabled/disabled rules are not in it, I cannot find. It is on the Palo alto itself, not Panorama.

Changing ethernet interfaces

We will be upgrading our internet connections from 1GB to 10GB. What is the process to change from a 1GB copper (eth 1/2) to 10GB sfp+ (eth 1/14). I've run through the configs and I'm assuning any specific reference to that interface will need to be changed. I'm assuming this will need to be done for Interface, Zones, Router, ipsec tunnels, GP g...

cmerrick by L0 Member
  • 3769 Views
  • 3 replies
  • 0 Likes

Resolved! Delete Virtual Router

Hello,I have a 5250 managed by a Panorama.On the firewall I have 4 Virtual router and I have to delete one because it's unused.Can I simply remove the VR via panorama by select the VR and delete it or there is some steps that I have to follow?(remove the interface from VR before or similar?)Note: Each VR it's a OSPF member.Should I expect an out...

Cannot ping to Palo alto

Hi Two Palo alto are connected with each other. The configuration on the two interface is based on standard protocol as below. But both cannot ping each other. Did some step is missed? If the step is correct, it might be eve-ng config issue since it PAs are installed at it Then Commit.

PAFrank_0-1639616633109.png
PAFrank by L2 Linker
  • 5480 Views
  • 6 replies
  • 0 Likes

Resolved! Difference Of Applications "ms-ds-smb", "ms-ds-smb-base" and ms-ds-smbv1, ms-ds-smbv2, ms-ds-smbv3

Apologies ahead of time- I'm very new to Palo Alto's firewalls...I've built several CIFS rules (based upon/cloned) from existing rules created by somewhat more senior PAN co-workers. I've asked them the following question but haven't gotten an answer I'm comfortable with, and was hoping somewhere here could set things right in my mind: When I'm ...

PA Traffic Logs

Top of the morning/evening, Quick possibly dumb question regarding traffic/threat logs on the Palo Alto. I assume by default the traffic/threat logs are stored in /opt/panlogs directory. We currently forward logs to a syslog server which I assume is forwarding a copy of all traffic to as well. I was wondering what happens when this directory fi...

Please assist me with some strange PS4 troubles. Eero Pro + Beacons + Arris Surfboard

Guys, I'm so engrossed in this that I'm not sure where to begin. I'm experiencing insanely uneven download and upload speeds on my PS4 slim no matter what I try (and I've tried dang near everything I've been able to find online). It's fantastic sometimes, then it's terrible the next second, and I stop playing online games. Comcast is my provider...

nami_22 by L0 Member
  • 2184 Views
  • 1 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks