This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Resolved! AppID and Service use

We have found instances where applications were changed in house to use a different port than the default. So we are in discussion as to what is the best approach to create policy rules.Below are the two policy rules involving AppID is what we believe to best address our situation: 1. appID with Service set to protocol port that the app is set t...

terryc by L1 Bithead
  • 3301 Views
  • 2 replies
  • 0 Likes

Resolved! GRE over IPSec with NAT

hello everyone I am here again.Referring to the following diagram, My client need to talk with the server 5.123.111.144.stage 1, to get the GRE tunnel working.My current is1. the IPSec tunnel is up.2. I am using a Cisco router as the GRE device, the tunnel config isinterface Tunnel2 description GRE ip address 5.5.5.6 255.255.255.0 tunnel source ...

DongQu_0-1619533794929.png
DongQu by L2 Linker
  • 8338 Views
  • 6 replies
  • 0 Likes

registration url

Hi, I have many computers that go through the firewall to access the internet. How can I configure the palo alto firewall so that all the urls that are visited on the internet be registered? The destination ips are registered in the palo alto, but i want to know is the urls of those pages. Kind regards

BigPalo by L4 Transporter
  • 2556 Views
  • 2 replies
  • 0 Likes

Resolved! Users connected to external gateway

Hello, Recently one of our customer did a GP agent upgrade from 4.1.4 to 5.2.4 Now we have configured two GP gateways external and internal. The problem customer is facing is users are always connected to external gateway even if they are on internal network. This was not the case before upgrade . Anyone please help.

Resolved! How to add nodes

Hi all, I'm new to in using MineMeld. I have configured installed and configured it on Ubuntu 16.04.I would like to configure miners but I don't know how to start with it. Through the internet I have found this page minemeld-node-prototypes/bruteforceblocker.yml at master · PaloAltoNetworks/minemeld-node-prototypes · GitHub and would like to ...

ZEBIT by L3 Networker
  • 4645 Views
  • 3 replies
  • 0 Likes

Access rule simulation

Does anyone have any idea how we can do access rule simulation from monitoring logs in PAN 820. Any automation or tool recommended?

ZTP Models can be deployed as a traditional models?

Hello guys, I want to know if someone has seen this behavior with Port Management Configuration on ZTP NGFW Models ... The IP address, Netmask and gateway shows an incorrect value 0.0.0.0 or Unknown, but the CLI shows the correct configuration parameters. We previously performed a "request disable-ztp" besides "Disable Device and Network Templat...

egarantiva_1-1616164599996.png

Resolved! Using scripting mode to modify existing security rules

Hi, I was wondering if anybody has experience working with the scripting mode in the way I need.Using the following commands, it is possible to add a single application or service to a rule:set device-group INTERNAL post-rulebase security rules SEC-APP application [ ssl ]set device-group INTERNAL post-rulebase security rules WEB-APP service [...

Resolved! Email subject line is truncated or shortened after upgrade to 9.1.6

As I upgrade firewalls to 9.1.6 (from 8.1.x) I am noticing that the subject line for emails I receive (typically System messages) appears to be intentionally truncated. This is not display issue with outlook. If I open the email the subject line still ends in '...' The problem is I have custom email rules that filter on the subject field and now...

ChrisIsett_0-1619785033940.png

Always-UP IPsec

The ipsec-tunnel comes up only when there is interesting traffic destined to the tunnel or when the tunnel manually initiated.That leads to problems in our monitoring. I'd like to ask if there is a workaround to make the VPN always-up without need to enable tunnel monitoring. Because tunnel-monitoring must verify connectivity to an IP address fr...

aabozaid by L1 Bithead
  • 7107 Views
  • 3 replies
  • 0 Likes

Global Protect not working with Big Sur on PA 820

Hi all, I Use Global Protect version 4.13 on a PA 820 Os 10.0, after updating my Mac to Big Sur i vant connect to the Palo anymore.The strange thing: when i use the same Mac to connect to another Palo in our domein it works.The error: failed to get client configuration. The GP works with other device on my account so i know for sure the connect...

Resolved! Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this tool can improve your security posture. Register here. I’m registered and can’t wait to see ...

jdelio by L7 Applicator
  • 4391 Views
  • 3 replies
  • 1 Likes

Resolved! EDL in vsys environment

Hello, We have a pair of 5250 running PANOS 8.1 with 125 vsys. We want to deploy EDL to block well known attackers. My understand is the EDL has a limit of 150000 entries for IP list. If I create a shared EDL (type IP list) with 10 entieres and create 2 panorama shared security rules for inbound and outbound for all 125 vsys. Is that count as...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks