General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 279 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3159 Views
  • 2 replies
  • 14 Likes

Resolved! session flags

I can't find documentation about connection Flags in command show session all


-------------------------------------------------------------------------------

ID/vsys   application     state   type flag   src[sport]/zone/proto (translated IP[port])

     

...

Resolved! Is there a Bug in the URL filtering profiles

Hi everybody,

PA-500
Software: 3.0.5
Threat-Apps: 163-489
URL Filter: 3243

I have a question to the URL filtering profiles.
When we add URLs to the block or allow list,
and make a commit the listed URLs were not blocked or allowed.
We need a second step, we

...

indevis by L2 Linker
  • 3317 Views
  • 1 replies
  • 0 Likes

Resolved! User Agent System Requirements

We're running into issues with the Palo Alto User Agent.  It'll run for a few days, then we'll stop getting user information.  When I look at the server running the agent, and try to start the agent, I get a message along the lines of "The paging fil

...

Virtual-Wire connectivity during reboot

Hi all,

I know some IDS/IPS are able to keep the network connectivity during a reboot. Then it does not stop the trafic.

Does the PA able to do the same in Virtual-Wire mode ? Or in other mode ?

The aim is to upgrade the appliance in a production enviro

...

olev by Not applicable
  • 3215 Views
  • 2 replies
  • 0 Likes

QoS data in logs

Hello PAN,

Is there any way to obtain QoS data from the PAN logs other than doing a "show session id" CLI command in the current release 3.0.5? My customer would like to be able to see how much traffic is hitting the QoS classes and which traffic is h

...

jwolach by L4 Transporter
  • 2358 Views
  • 1 replies
  • 0 Likes

Resolved! sample logs of licenses expiration

Hello,

Could you give me the sample logs that the PA log before the following licenses expira ?

- Support
- URL Filtering
- VSYS upgrade

We have the log of threat prevention license:
- License for feature threat will expire on 2009/12/11

Regards,

Defining Policies, Profiles, etc via CLI

Our primary interface with devices and management systems is through the CLI.  Essentially, what I need is a guide that explains the syntax and how to create/update/delete policies, security profiles, etc via CLI.  (Neither the CLI Reference nor the

...

Troubleshooting PAN-Agent connectivity

Hello, I have PAN OS 3.0.5 installed on a cluster (active passive)

The passive device seams to have problem to contact PAN

As you can see from ommand below 10.44.36.125 Agent can't be reached (on active is ok)

(active)> show pan-agent statistics
Name    

...

Log files meaning

Hello,

With command tail I can read log from PAN FW. ...

questions :

what's difference between mp-log and dp-log ?

what does the mp-log files below contain/mean (i.e ha_agent.log is for ha system) ?

appWeb.log.old                masterd_manager-infra.log
b

...

Resolved! Pan Agent Expire setting

Hi,

I see in the logfile the information :

2010 01 04 10:07:25, ########################### Start Pan-Agent #############################
2010 01 04 10:07:25, Add Domain: ce
2010 01 04 10:07:25, Num. of Threads: 40
2010 01 04 10:07:25, GroupMemebers cache

...

u2343 by Not applicable
  • 3764 Views
  • 3 replies
  • 0 Likes

Resolved! Clear SSL Certificate cache

Hi,

We have a PA-500 and I can view the SSL certificates with: "debug dataplane show ssl-cert-cn"

I was told that this is the list of SSL certificates that are stored in the cache.

However I'd like to know how to clear this cache

Thanks

Secondary interface addresses

I'm trying to add more of the public IP addresses issued by my ISP to the external port on my PA-500.  When I try to commit the config, I get this error:

  • routed: In virtual-router Incoming: address 12.x.x.x/27 on interface ethernet1/1 has overlapping
...

bwmillslg by Not applicable
  • 10348 Views
  • 4 replies
  • 0 Likes

Can I check if a connection was dropped by the firewall?

I frequently have people coming to me asking if I can check if a connection is dropped on the firewall.

Allow me to give you an example:

We have a trunk setup between a cisco callmanager and one from Alcatel. All traffic between the 2 systems flows thr

...

pieters by Not applicable
  • 3896 Views
  • 1 replies
  • 0 Likes
  • 24090 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels