This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! Is the feature available for email reporting on getting the Threat log for every 15minutes on firewall

Hi Team, Greetings!!I have a query, whether there is a feature for generating an automatic Threat log report for every 15minutes.While checking with the firewall end i could find only for a day that is last working day alone and so on and so forth.Is there any other possible way to achieve this using any other methods? If so could some one share...

Issue with GlobalProtect after Upgrade

Hello, We're currently experiencing some issue with several clients that are trying to upgrade their client.They're moving from 2.3 to 5.1. Sometimes, the client cannot connect at all (clicking on connect button from gp client but nothing is happening)I went through multiple documentations and KB and what I found is that the service PanGPS is no...

Resolved! HA2 Options

What is the advantage of using the HSCI port for HA2 as opposed to using one or two data ports?Would a QSFP-40G-CR4 be compatible with the HSCI port? Or a SFP-H10GB-AOC5M? SFP-1000BAS?

Question about multiple filters in a User-ID Syslog Parser

Greetings all, I noticed that the syslog parser for User-ID allows you to enter multiple filters for each server... does anyone know how adding multiple filters of the same type (login for example) will work? I see there is a way to move the filters up and down in the list so I'd assume there is an order of operation but if it is able to match ...

jsalmans by L4 Transporter
  • 2210 Views
  • 1 replies
  • 0 Likes

Wrong HIP match

Dear All,issue: I have the firewall 5220 with PAN-OS 10.0.3 and I am facing an below issue:-As GlobalProtect 5.2.6 is released with support for OPSWAT v4 only while OPSWAT v3 is discontinued starting from 5.2.6, I tried to test it on a few machines. We apply HIP checking for the below:- FireEye Endpoint Agent – Installed & Real Time P...

Jafar_Hussain_0-1620221429240.png
Jafar_Hussain_1-1620221429270.png
Jafar_Hussain_2-1620221429286.png
Jafar_Hussain_3-1620221429307.png

Resolved! Captive Portal Redirect Issue

Hello! Quick question:I have captive portal set up for one zone and it works well, where my captive portal "redirect host" ip is in the same zone/subnet as my users who need to authenticate. But I'm needing to expand this so that users from several zones/subnets can authenticate via captive portal. The problem I'm having is that for users in ...

Prevent OSPF routing loops - Area 0

Hello, We have a PA5050 with a couple of VRs. VR1 is the main VR with interfaces into the main customer networks, internet access and a 3rd party linkVR2 is for GlobalProtect clients and a separate internet link for the GlobalProtect Portals/Gateways There is an eBGP Peer between the VRs so that VR2 can learn all the corporate networks and the ...

gcampbe9 by L0 Member
  • 2806 Views
  • 1 replies
  • 0 Likes

GlobalProtect: Existing user session..?

Hi all.. I'm sure this will be a simple question to answer, but I can't find any explanation. In the following snip from our GlobalProtect traffic log on a PA200:12/23/2014 17:142/23/2014 17:14GlobalProtect gateway user login succeeded. Login from: 75.89.141.221, User name: w__0.12/23/2014 17:142/23/2014 17:14GlobalProtect gateway user logout s...

thatguy by L2 Linker
  • 9705 Views
  • 3 replies
  • 0 Likes

Understand App_overrride

Hi, We did a change from another vendor to PA. We realise that backups (vmware) were transferring very slow. So we created a app_override in order to avoid L7 in this VMware traffic. After that the spped for backpus got better.So i have several qestions:-Why is this happening? whats wrong L7 inspection does in order to slowness?-what kind of tra...

BigPalo by L4 Transporter
  • 4037 Views
  • 7 replies
  • 0 Likes

Resolved! ssl inbound inspection

Hi community, Will PA support inbound ispection if key exchnge mechanism is DHE/ECDHE ?.i hope PA wont be proxying inbound SSL connection. whether PA changed this behaviour from any versions?is there is a way to configure PA as proxy( we have server certificate/key installed in PA, only issue is PA resources. So if my website traffic is usually ...

Google Earth (Pro) and SSL Decrypt

Anybody figured out a the magic combo to get Google Earth (Pro) not to warn on startup with SSL Decrypt? Before you ask "yes" SSL decrypt is working no errors or warnings in browsers (i.e. CA's in trust store) and yes I thought about the ICA issue and imported the GTS CA 1O1 cert on the off chance that was the issue. Any other ideas outside "b...

PeterT by L2 Linker
  • 4783 Views
  • 2 replies
  • 0 Likes

Host with sinkhole action, what to do ?

Hello Bro, We have subscribed to the Palo alto DNS-Security feature and we have it applied now.after few days, I have a dynamic object now with many host has been sinkholed for contacting a malicious domains.Many Domains contacted, what is the recommendations regarding this many malicious domains contacted by our users? what is the ...

Resolved! DNAT with different external port to different internal port.

Hello, how are you all, I hope you are well.I would like to do the following: In Fortinet is the following possible, DNAT, with Public IP example:198.10.100.100:8081 ( alternate port ) ---DNAT-Mapping---Private IP destination 192.168.100.100:80 ( Port 80) This in PALO ALTO, how is it configured, please your support, thank you very much.Greetings...

Metgatz by L4 Transporter
  • 6348 Views
  • 6 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks