This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4106 Views
  • 0 replies
  • 0 Likes

No packet capture files are generated on pa-3060 that customers are using.

Hello.I have been contacted by a customer that there is a problem with packet capture.I know that executing a packet capture command triggers packet capture, and generating a pcap file containing captured packets is generated when the traffic you want to check is generated.However, looking at the attached screenshot, the customer executed the pa...

capture01.PNG

Resolved! PAN-OS GP SSL Cipher Selection

PAN-OS 8.1 seems to lack the capability to perform fine-grained configuration of cipher suite selection and prioritization for GlobalProtect VPN functions. I ran a fairly detailed SSL functionality assessment on a configured TLS v1.2-only GP gateway and found that RSA encryption-based ciphers are selected by default by all simulated clients. Thi...

Resolved! MS Autodiscover Flaw - Vulnerability

Hi All, A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook and other third-party Exchange client applications to leak plaintext Windows domain credentials to external servers Domains that we need to block are listed here: https://github.com/guardicore/labs_campaigns/blob/84d8423335bf72ea078b5286db647580fb7f6a58/Autod...

Qui by L2 Linker
  • 5102 Views
  • 4 replies
  • 0 Likes

Resolved! Template Variable IPv6

Hi All,Does anyone know how to configure an IPv6 address as a template variable? As soon as I put a : in the CSV it throws a fit when importing it.Thanks,Kev

KevinJB by L1 Bithead
  • 3139 Views
  • 2 replies
  • 0 Likes

Resolved! Where to Write Security Policies with a Site-to-Site VPN

Hello,We have a pair of 3200s on our main site, and have added an 820 at a remote site to bring up an IPSec tunnel between the two.When I initially set the remote site up, I decided to have all the security policies controlling what access the remote site would have to the main site on the 820 side. I could see arguments for doing it on either e...

Does NAT64 works for inbound NAT

Currently we have configured inbound NAT for DMZ application which is on ipv4. Public ip used for it is ipv4.Due to some requirement client from outside network will be coming from ipv6 public ip to access the application. In this case our nat is not working. We have found NAT64 feature in below doc , but given example is for outbound NAT. http...

Deepak25 by L3 Networker
  • 5623 Views
  • 3 replies
  • 0 Likes

Is my firewall hacked already ?

I have a PA3020 with 7.0.5-h2 PAN-os version. I noticed that it have a lot of DNS traffic sent to strange IP address. when I running show system resources command. I found strange process nginx and two syslog-ng there. Is it normal, how to get rid of them ? 2797 nobody 20 0 53388 5712 3344 S 0.0 0.1 8:19.70 nginx6804 nobody 20 0 107m 12m 6472...

banny6 by L1 Bithead
  • 4723 Views
  • 5 replies
  • 0 Likes

Something aking to | sort | uniq -c | sort -nr

Like the title says, is there a way to run a filter for a period of time, pull out a list of IPs, sort them, remove the duplicates with a count, and sort them by most popular?This is a common omegle thing to do with syslog data, say you have a very permissive rule and you want to see what source IPs are being used by that rule. You could awk pri...

Jack45 by L1 Bithead
  • 2500 Views
  • 1 replies
  • 0 Likes

Allow redirect URL with decrytion on.

Hey guys one of my customer I not able to access the Redirecting URL's This Error display (err_http2_inadequate_transport_security)I checked the logs the traffic URL shows alert but the decryption is done.We are able to Access the URL without decryption. Created a specific decryption policy in which it enables the Strip ALPN. and we are able to...

3rd party managed minemeld feed to local

We have a service provider(SP) with authenticated minemeld feed and we want to pull feed from the SP minemeld which asks for authentication into our local minemeld instance, instead of directly into our firewall. How can we do that.

raji_toor by L4 Transporter
  • 3766 Views
  • 4 replies
  • 0 Likes

ALERT WHEN VPN DESTINATION STOP WORKING

Hi everybodyCurrently have a vpn connection to a remote site , and now we are transferring many info along the dayBut sometimes connection closes and transfer interruptsSo we want to sent alerts when this connection o transfer interrupts to be able to sends a kind of email alert Is it possible?

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks