This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

Resolved! Teams Traffic issue

Hello , for one of our customer , they are facing slowness issue with MS teams . they identified issue with the ISP provider link There is a Single Palo Alto gateway . The external interface is connected to a Switch ( L2) and the switch is further connected to Internet Router Now customer is planning to buy another ISP link ( high speed) . Re...

EDL Lists - Minemeld

I've made our Minemeld server publicly available and have provisioned a number of lists we use plus some that were part of the old PANWDBL server. You're free to use this server but please be aware that I don't provide any guarantees or warranties to the accuracy or reliability of the data published. Please remember that this service is provided...

ethiSEC by L2 Linker
  • 4160 Views
  • 2 replies
  • 5 Likes

Use Cloud Service (like Cloud Front subnets) in security policies

I would like to use, for example, CloudFront subnets (I 've about 50 of them) in Security Policies. I find this script https://github.com/chrisgoodwins/paloalto_add-addresses. Is there the way to use a single big static list without use many address objects grouped in a single address group ? Can I use Objects > Regions ? thanks

PA -220 Slow

Hi experts ,When I press commit on the Palo alto firewall It takes a long time around 5 or 7 minutes to complete this task, and Management CPU reached to full as a screenshot. It’s kinda made it really difficult to work on this device now. devise Model: PA-220Software Version: 9.1.8your advice is highly appreciated

YOOG887 by L1 Bithead
  • 4321 Views
  • 2 replies
  • 0 Likes

Resolved! Is it possible to turn off the Globalprotect HIP check report if HIP checks are not used?

Hello to All, From what I read even if the "Collect HIP Data" is turned off on the Globalprotect portal the HIP "hipreportcheck" message is still send by default every hour from the client workstation to the Globalprotect gateway as a keepalive option? https://docs.paloaltonetworks.com/globalprotect/8-1/globalprotect-admin/host-information/con...

Resolved! AppID and Service use

We have found instances where applications were changed in house to use a different port than the default. So we are in discussion as to what is the best approach to create policy rules.Below are the two policy rules involving AppID is what we believe to best address our situation: 1. appID with Service set to protocol port that the app is set t...

terryc by L1 Bithead
  • 3218 Views
  • 2 replies
  • 0 Likes

Resolved! GRE over IPSec with NAT

hello everyone I am here again.Referring to the following diagram, My client need to talk with the server 5.123.111.144.stage 1, to get the GRE tunnel working.My current is1. the IPSec tunnel is up.2. I am using a Cisco router as the GRE device, the tunnel config isinterface Tunnel2 description GRE ip address 5.5.5.6 255.255.255.0 tunnel source ...

DongQu_0-1619533794929.png
DongQu by L2 Linker
  • 8040 Views
  • 6 replies
  • 0 Likes

registration url

Hi, I have many computers that go through the firewall to access the internet. How can I configure the palo alto firewall so that all the urls that are visited on the internet be registered? The destination ips are registered in the palo alto, but i want to know is the urls of those pages. Kind regards

BigPalo by L4 Transporter
  • 2523 Views
  • 2 replies
  • 0 Likes

Resolved! Users connected to external gateway

Hello, Recently one of our customer did a GP agent upgrade from 4.1.4 to 5.2.4 Now we have configured two GP gateways external and internal. The problem customer is facing is users are always connected to external gateway even if they are on internal network. This was not the case before upgrade . Anyone please help.

Resolved! How to add nodes

Hi all, I'm new to in using MineMeld. I have configured installed and configured it on Ubuntu 16.04.I would like to configure miners but I don't know how to start with it. Through the internet I have found this page minemeld-node-prototypes/bruteforceblocker.yml at master · PaloAltoNetworks/minemeld-node-prototypes · GitHub and would like to ...

ZEBIT by L3 Networker
  • 4581 Views
  • 3 replies
  • 0 Likes

Access rule simulation

Does anyone have any idea how we can do access rule simulation from monitoring logs in PAN 820. Any automation or tool recommended?

ZTP Models can be deployed as a traditional models?

Hello guys, I want to know if someone has seen this behavior with Port Management Configuration on ZTP NGFW Models ... The IP address, Netmask and gateway shows an incorrect value 0.0.0.0 or Unknown, but the CLI shows the correct configuration parameters. We previously performed a "request disable-ztp" besides "Disable Device and Network Templat...

egarantiva_1-1616164599996.png

Resolved! Using scripting mode to modify existing security rules

Hi, I was wondering if anybody has experience working with the scripting mode in the way I need.Using the following commands, it is possible to add a single application or service to a rule:set device-group INTERNAL post-rulebase security rules SEC-APP application [ ssl ]set device-group INTERNAL post-rulebase security rules WEB-APP service [...

Resolved! Email subject line is truncated or shortened after upgrade to 9.1.6

As I upgrade firewalls to 9.1.6 (from 8.1.x) I am noticing that the subject line for emails I receive (typically System messages) appears to be intentionally truncated. This is not display issue with outlook. If I open the email the subject line still ends in '...' The problem is I have custom email rules that filter on the subject field and now...

ChrisIsett_0-1619785033940.png
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks