This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4133 Views
  • 0 replies
  • 0 Likes

Rules that allow bittorrent

Guys,I need to figure out the rules that specifically allow BitTorrent traffic in Panorama.Method that I use is searching traffic logs with (app eq bittorrent) and (action eq allow) and exporting .csv and sorting the rules. Is there any other quick method that anyone use? Thanks

Dhawala by L0 Member
  • 2842 Views
  • 2 replies
  • 0 Likes

tracking bursty traffic with the firewall

Dear community! I´m seeing in the interfaces the "rcv_fifo_overrun" counter increasing quite a lot and I´d like to find out what´s the root cause. Is there a reliable way to verify in the firewall if the reason of this counter to increase is some bursty traffic or anything else? Thank you!

Carracido by L4 Transporter
  • 2732 Views
  • 2 replies
  • 0 Likes

Palo Alto Management Interface Inbound Discards

Starting in either PAN-OS 8.1.x or 9.0.x we have noticed that SNMP is reporting inbound discards on all of our Palo Alto management interfaces in our monitoring solutions. It seems to be be specific only to the management interface as other physical interfaces of the device are not reporting issues. Has anyone here experienced this? I'm looki...

GCP Miner

Has anyone found a list/feed for GCP that actually contains zone information? Has anyone created a miner with such feed?

JDomNY by L1 Bithead
  • 2905 Views
  • 1 replies
  • 0 Likes

procedure to clear logs of M200 disk-pair

M200 is in HA with local log collector configured on both panorama and log redundancy enabled. We want to disable redundancy to gain additional space for logging. We want to clear logs of Secondary Panorama M200 disk-pairs and use it for logging from scratch. No procedure found in Panorama Admin guide.Please suggest best way to clear the stored ...

Deepak25 by L3 Networker
  • 3637 Views
  • 3 replies
  • 0 Likes

Resolved! Does Global Protect VPN has Two-Factor Authentication - Looking at VM-100/300 virtual PA and Physical PA-820

Team, Customer is looking for Multi-Factor authentication for VPN client, currently they have GlobalProtect, but they need to enable MFA for remote users, does Palo Alto has any feature or solution to achieve this? Need to check if both VM-Series and Physical has built-in MFA for remote VPN users (Global Protect) VM-100/300 virtual PA and Physi...

Connecting 3rd-Party VPN Device to PA-3220

Hi. Wanted to ask for opinions, suggestions, and experience on this. We have a Cisco ASA VPN Device from our vendor and we'll need to connect this to our PA-3220 FW. So basically, Internet --> PA3220 ---> ASA VPN --> LAN. This ASA will be inside our network and NOT remote. I would like to know if there is a way to connect this and make ...

Mitel decrypt error

Hi all,we have a open ticket with TAC, but wanted to ask if anyone's seen this, we're in the testing phase of it, and one of the phone's traffic shows up in the logs as decrypt error in the end result, so that phone is not able to login to the mitel portal, tac also disabled the user-id policy to narrow it down(I have tried to add a app override...

cdcirexx by L3 Networker
  • 7580 Views
  • 8 replies
  • 0 Likes

AWS x PAN 2 tunnels PBF backhaul internet static routes?

Anyone run into this before? I have 2 x AWS tunnels (No BGP) and I want failover to occur and I want to backhaul internet traffic from AWS out through the PAN. I have connectivity between AWS and on-prem with no static routes configured. However, if I try to backhaul internet traffic from AWS across the s2s vpn tunnel (attached to TGW) it fai...

drewdown by L4 Transporter
  • 5386 Views
  • 6 replies
  • 0 Likes

User not able to access one site

Not able to access the site is on another location I can ping the site it's responding I check session-id packet capture nothing was found.I create a policy for that user without any restriction still not able to access the site. In monitor its shows the application no sync TCP I did the zone protection thing from kb Paloalto article still no l...

Does Active-Active HA supports more users?

Hi Guys,My company bought a PA firewall a few months back. At that time we had around 85 users and PA technical person suggested that it will handle up to 100 users in our environment. Now, we have around 70 more people who joined our company, so total employees will be around 160. Now I have few questions -1) If we buy one more firewall (same m...

Satyam by L1 Bithead
  • 2965 Views
  • 2 replies
  • 0 Likes

Resolved! Threat ID 35823 is exempted then also it is blocking the traffic

Hi, HTTP SQL Injection Attempt threat id: 35823. we have exempted this threat id but it is blocking the traffic. on the traffic log, the session end reason is showing threat and in the threat log, it is showing reset-both. Want to know why it is still blocking and how can I troubleshoot this further.

Resolved! Apple Software Updates Issue with Palo Alto

Hi,If we try to update apps on a iPhone they don’t update but if we remove the security profiles the apps update with no issues. When you click update it attempts to do the download and just fails We are using following security profiles(image attached). We think this may actually be a bug. The update is only successful if the rule has NO profil...

1 (7).png

PPPoE Disconnection frequently.

Facing PPPoE session disconnection issue. As per ISP, this is a Firewall issue as from Laptop or Computer (directly connected to ISP Router) no disconnection being observed.Palo Alto PA-3020 Following logs and capture packet are below 2021-07-15 11:27:25.969 +0400 debug: log_write(ppp/utils.c:678): No response to 5 echo-requests2021-07-15 11:27:...

  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks