This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4109 Views
  • 0 replies
  • 0 Likes

Adding URLs to an allow category caused some connections to be blocked

We added additional URLs to an existing custom url category and on our URL filtering profile, it is set to alert. These additional URLs are completely unrelated to the connection that started to fail. And as soon as we reverted those changes things began working just as they had before. We checked the URL filtering logs and nothing was being blo...

bafergel_1-1635279938830.png
bafergel_2-1635279998851.png
bafergel by L2 Linker
  • 3416 Views
  • 3 replies
  • 0 Likes

User-ID - one user occasionally not hitting the user based policy

PAN-OS 8.1.2, User-ID configured with Windows AD single domain. There are security rules built, based on users/user groups. It is mostly working as intended, but specifically there's [at least] one user that has a different behavior - some user-based (not group) rules are occasionally missing, even through they did hit the policy a few moments a...

nikoo by L3 Networker
  • 13831 Views
  • 12 replies
  • 0 Likes

need to block .lockbit extension

as per RBI guideline ,one of our customer from banking sector wants to block .lockbit file type extension,but in firewall i didn't found any such extension.

KashifSh by L1 Bithead
  • 3187 Views
  • 4 replies
  • 0 Likes

Issue with the vulnerability logs.

We have noticed some vulnerability logs in our PA for the Telerik application in our environment.the threat vault id is 59014 but according to the link. https://threatvault.paloaltonetworks.com/?query=59014). https://www.telerik.com/support/kb/aspnet-ajax/details/allows-javascriptserializer-deserialization To fix this vulnerability we need to ...

Jafar_Hussain_0-1635255328006.jpeg

How do I select an asset when filing a support case?

Hi, Weird question, but I'm trying to make a support case for a firewall, and I'm on Step 4, where it's asking me to "Please select the asset for which you are filing the case." No matter where I click in the table, there doesn't appear to be any way to actually select something. This is both on Firefox and Chrome.Scrolling to the right doesn't ...

Steven16_0-1630423910623.png
Steven16_1-1630423990111.png
Steven16 by L0 Member
  • 2435 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama Issue - cannot edit an interface on a template stack

Hello guys, first of all - I m new and I would like to apologize first of all, if the theat should have been opened wrongly, or my english should be a little bit **bleep** 😉 I cannot open/edit anything in a template stack under template->network->interface Zones and other things in the stack re working fine but if i click on a interface e...

Kai_Ulrich_2-1630591975261.png
Kai_Ulrich_3-1630592073970.png
Kai_Ulrich_1-1630591722430.png
Kai_Ulrich_5-1630592172593.png

Email attachment issue

Hi Team, We have configured Email alert scheduler to get logs daily and monthly. We getting daily logs with attachments and not getting monthly logs and attachments. Sometimes we getting monthly logs email but attachments are not there. PANOS 10.0.5 and tried to restart the mgmt server but the issue is still the same and we observed the firewal...

VishnuPS by L3 Networker
  • 3474 Views
  • 3 replies
  • 0 Likes

Does anyone use HIP check on the local LAN as a NAC solution?

I understand that a HIP check can be used on the local LAN when the GlobalProtect client connects to the internal gateway. How effective is this as a NAC solution for the internal LAN?Without 802.1x authentication, does a machine without GP installed simply bypass the internal gateway (and HIP check)?Thanks

Maxstr by L3 Networker
  • 6038 Views
  • 3 replies
  • 0 Likes

Resolved! Vulnerability protection profile changed his icon

hey guys, i think it might related to configuration issues, but i cant find what went wrong.the vulnerability profile icon looks like this:but in the policies tab, i get this big red exclamation mark: any ideas if something went wrong?pan-os ver is 10.0.1 thanks in advance,Ishai.

1.jpg
2.jpg

HA Clustering session synchronization

Hello!I have some question about session synchronization in HA Clustering (geographic cluster). All firewalls in HA clustering use the first rule for traffic that should not match it, this only happens on geoclustered firewalls. Later, the rules are processed correctly, but the first one is always used, so I see incorrect traffic in the logs.Exa...

Block Access to private Gmail but allow corporate

Hi all.Im looking for a solution to block user access to private gmail accounts but allow a corporate accounts to be used.I'm aware that there is a solution involing proxy server and X-forwarder.Is there any other way to do this without dedicated proxy serever? RegardsLeo

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks