General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 267 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 941 Views
  • 0 replies
  • 0 Likes

Traffic block due to EDL

I have found traffic blocked due to edl inbound policy. Traffic is blocked for random time like hour or one and half hours for random port.after some time traffic is moving. Another thing is traffic is moving for one destination ip and this destinati

...

SurajN by L2 Linker
  • 2058 Views
  • 1 replies
  • 0 Likes

PA 410 reboot time

Anyone know the reboot time on a PA 410?  Looking to see if its better than the PA 220.

 

Thank you,

Ted

treese by L3 Networker
  • 2695 Views
  • 2 replies
  • 0 Likes

Resolved! Required permissions for Active Directory integration

Hello,

 

I am trying to get AD authentication to work for GlobalProtect.  I have been following this document https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmAdCAK for configuring the AD integration part, and it says:

 

Before

...

Resolved! Is there a better way to block non-default app ports?

After parsing some logging I've discovered some trends in users utilizing non-standard ports for some App IDs and I want to prevent that. The first thing that comes to mind if to create a policy only allowing the app-default port, but the issue is cu

...

Rules that allow bittorrent

Guys,

I need to figure out the rules that specifically allow BitTorrent traffic in Panorama.

Method that I use is searching traffic logs with (app eq bittorrent) and (action eq allow) and exporting .csv and sorting the rules.

 

Is there any other quick m

...

Dhawala by L0 Member
  • 2454 Views
  • 2 replies
  • 0 Likes

tracking bursty traffic with the firewall

Dear community!

 

I´m seeing in the interfaces the "rcv_fifo_overrun" counter increasing quite a lot and I´d like to find out what´s the root cause. Is there a reliable way to verify in the firewall if the reason of this counter to increase is some bur

...

Carracido by L3 Networker
  • 2313 Views
  • 2 replies
  • 0 Likes

Palo Alto Management Interface Inbound Discards

Starting in either PAN-OS 8.1.x or 9.0.x we have noticed that SNMP is reporting inbound discards on all of our Palo Alto management interfaces in our monitoring solutions.  It seems to be be specific only to the management interface as other physical

...

GCP Miner

Has anyone found a list/feed for GCP that actually contains zone information?  Has anyone created a miner with such feed?

JDomNY by L1 Bithead
  • 2632 Views
  • 1 replies
  • 0 Likes

procedure to clear logs of M200 disk-pair

M200 is in HA with local log collector configured on both panorama and log redundancy enabled. We want to disable redundancy to gain additional space for logging.

 

We want to clear logs of Secondary Panorama M200 disk-pairs and use it for logging from

...

Deepak25 by L3 Networker
  • 3199 Views
  • 3 replies
  • 0 Likes

Connecting 3rd-Party VPN Device to PA-3220

Hi. Wanted to ask for opinions, suggestions, and experience on this. We have a Cisco ASA VPN Device from our vendor and we'll need to connect this to our PA-3220 FW. So basically, Internet --> PA3220 ---> ASA VPN --> LAN. This ASA will be inside our

...

Mitel decrypt error

Hi all,

we have a open ticket with TAC, but wanted to ask if anyone's seen this, we're in the testing phase of it, and one of the phone's traffic shows up in the logs as decrypt error in the end result, so that phone is not able to login to the mitel

...

cdcirexx by L3 Networker
  • 6224 Views
  • 8 replies
  • 0 Likes

AWS x PAN 2 tunnels PBF backhaul internet static routes?

Anyone run into this before?  I have 2 x AWS tunnels (No BGP) and I want failover to occur and I want to backhaul internet traffic from AWS out through the PAN.  I have connectivity between AWS and on-prem with no static routes configured.  However,

...

drewdown by L4 Transporter
  • 4329 Views
  • 6 replies
  • 0 Likes
  • 24032 Posts
  • 115 Subscriptions
Top Liked Authors
Labels