General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

Resolved! HSCI Port

Hi, I finally received my pair of 3250s and noticed there is the HSCI port used for HA. I didn't realize this before purchasing, so I do not have the cable. Is there a reason why I can't just dedicate an interface for HA to use for HA2? In case it matters, these firewalls will be located on internet edge.

ce1028 by L4 Transporter
  • 16245 Views
  • 6 replies
  • 0 Likes

Resolved! Web-GUI certificate not applying

Hello all, After letting my cert expire (duh), I've imported a new one, exactly the same process as before. For some reason the firewall isn't picking it up for Web-GUI, sticking with a self-signed cert with the serial number as CN, but uses the intended cert for GP portal with no problem. Running 10.1.0, couldn't find any mention in the documenta...

Block malicious domains at interface level

Hi Team, I have a concern where is there any way to block malicious domain based or malicious IP based traffic ingress through the firewall to trust zone or DMZ zone from untrust zone to be blocked at interface level even before it reaches to PBF or policy or processing over firewall. Is there any way to block malicious domain before it is being ...

Resolved! Captive portal URL not working when accessed from inside zone

I have configured Captive Portal with MFA and it works fine when the user traffic is originated from the Untrust side of the firewall. When the URL "https://<firewall name>:6082/php/uid.php?vsys=1&rule=0" is accessed from one of the internal zones (e.g. Trust), it does not work. I have user-identification enabled on all zones. User from outsid...

GlobalProtect breaks internet access

Hello guys, Did some of your GP users complain that they lost the internet after GP connected? It just happens recently and for some users only. GP version is 5.2.7. Thanks

DongQu by L2 Linker
  • 2281 Views
  • 1 replies
  • 0 Likes

Regarding blocking unknown or malicious domains or malicious user

Hi Team, I have a query where I need to block some unknown attacker or someone malicious from external trying to access my internal network or DMZ. I need ways to block or deny those specific traffic. We have enabled country based block, we have IP based block yet is there any other way to block or deny malicious domains except using EDL, Which...

Regarding EDL domain list which is not working.

Hi Team, I have a query where I need to block domain based malicious domains to be blocked with regards to EDL which we have internally. I have called the EDL over the Application/URL category of the policy which has the EDL name which consists of a certain number of malicious domains which need to be denied. For this I had not seen any hit counts t...

GlobalProtect - how to edit the download page

Is it possible to edit the GlobalProtect download page? On the page where users are prompted to download the 32bit, 64bit, or Mac version of GP, I would like to add some instructions for the not so savvy user on which version to select and how to install the client. If there's a better way of doing this I'm open to it. Setting it up via...

etnerual by L1 Bithead
  • 24367 Views
  • 14 replies
  • 1 Likes

Remedies for block attacks.

Dear Team, One of our faced some attacks from their wan interface IP. The issue is reported by their ISP team, when we checked in the firewall there are no logs. In customer network, huge number of traffic is going at the same time. The device is 3020. Already customer is facing some slowness in the network traffic. Kindly share the Remedies for...

VishnuPS by L3 Networker
  • 2663 Views
  • 2 replies
  • 0 Likes

Not able to connect AD Domain

Hey guys, one of my clients is not able to connect in the domain; some users are connecting while some are not. The users are in Location A in another city and the Domain server is from another site I attached B the image ignore. That is it from the firewall side or domain side issue because some are connected some are not.

Palo Alto Device certs (Default Trusted Certificate Authorities List)

I am dealing with an issue in which the Palo Alto is in proxy mode. The issue is concerning endpoints being able to access a cloud tenant to register (install) a component. The FQDN of the cloud tenant has been added as an allowance for these endpoints, they are member servers that have exceptions made for Internet access to certain sites. Mu...

Resolved! Users in session table hitting wrong NAT rule

Hi All, I have a client that has several NAT rules (as per below). They have discovered in the session table 2 IPs from the 10.128.48.0/22 subnet seem to be hitting 'guest_nat' rule below when they should be hitting the 'users_nat' rule below. When testing the NAT policy match with the affected IPs they hit the correct NAT rule (users_nat). The...

Ben-Price by L4 Transporter
  • 6073 Views
  • 4 replies
  • 0 Likes

Resolved! Certificate Validation for Zoom Recommendation

Hi friends, Can you all please tell me why Zoom is working, because I do not allow policy for this destination cert address yet? Thank you. There are URLs as in the list below: crl3.digicert.com, crl4.digicert.com, ocsp.digicert.com, certificates.godaddy.com, crl.godaddy.com, ocsp.godaddy.com, certificates.starfieldtech.com, crl.starfieldtech.com, ocsp.starfi...

sunate_h by L1 Bithead
  • 4325 Views
  • 3 replies
  • 0 Likes

TACACS user authentication on WF-500

Hi Team, The customer has a query about whether it is possible to configure TACACS user authentication through WF-500. The customer has no Panorama setup or anything. He was able to successfully configure it on Palo Alto NGFW but not on WF-500. I request you to kindly provide some updates on this issue. Awaiting your response. Thanks & Re...

RJ274 by L0 Member
  • 2091 Views
  • 1 replies
  • 0 Likes

Unusual traffic on port 135

Hello, I have been facing an issue where I see lots of traffic toward internal servers on port 135. The source of the traffic is the firewall management IP. It's an agentless User-ID setup on the firewall. Previously WMI probing was enabled, which caused the issue. I can still see the same traffic on port 135 after disabling the WMI probing. In server ...

mshihora by L1 Bithead
  • 5340 Views
  • 3 replies
  • 0 Likes