This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Is PANOS 9.1.6 is vulnerable for wreck security vulnerability?

Hi guys, Im having a query whether any of the PAN OS has the vulnerability as wreck in Palo alto network firewall. If so kindly update me here.I have searched with the PAN Advisory as well as other portals. like these https://www.cvedetails.com/vulnerability-list/vendor_id-12836/product_id-26167/Paloaltonetworks-Pan-os.html but no luck. So incas...

Resolved! About DNS security

Hello Bros, I my network and my firewall 3220 setup I have a question regarding the DNS security feature.If you go through creating an anti-spyware profile, and exactly in the DNS signature what is the difference between DNS signature source "Palo Alto networks content DNS signature sinkhole as an action" and " Palo Alto network D...

Hybrid model (where some exchange mailboxes are hosted in Microsoft 365) (using DNAT) Palo Alto inspect the traffic be regarded secure enough?

We have clients who want a Hybrid model (where some exchange mailboxes are hosted in Microsoft 365) rather than full blown integration. Would the proposed solution (using DNAT) with the sources constrained to the Microsoft approved IP/URL list and having the Palo Alto inspect the traffic be regarded secure enough?

NavidAlam by L3 Networker
  • 3476 Views
  • 2 replies
  • 0 Likes

Error Palo Alto Global Protect on MacBook

Hi Guys, I am facing an error when i want to use global protect on my mac. Every time i want to log on, It shows Gateway SSL VPN GW: The server certificate is invalid. Last two weeks i just use this and no problem. Please help me to solve this issue because it was very urgent. Appreciate if you could help me to solve this. Btw: my MacBook OS...

Kevin234 by L0 Member
  • 2568 Views
  • 1 replies
  • 0 Likes

Commit Error Messsge for Application being used

We noticed last month that a core firewall PA-3060 has started reporting the same error message as in this link. Application being already in use. We have provided tech support files to PAN support but they are still unable to determine the reason that we keep getting these error messages when we commit to the firewall.https://live.paloaltonetwo...

bambox by L1 Bithead
  • 2444 Views
  • 1 replies
  • 0 Likes

Data Filtering logs not in Panorama

Hi All, we are running 9.0.12. I've got data filtering with the patterns etc all set up. The logs appear fine on the firewall. And logging profile is set to forward all to Panorama, but none appear in Panorama. It's empty. Logging profiles is set to forward log type Data to Panorama.Any help would be appreciated. Panorama is forwarding all event...

igs1917 by L1 Bithead
  • 4277 Views
  • 4 replies
  • 0 Likes

SSH to Management interface (RADIUS Auth) PAN OS 10.0.4

Working on an HA Pair of PA-820 firewalls and just finished configuring auth for management interfaces. Went to test, and found that the firewall said auth succeeds, but the SSH connection immediately drops. Config:Auth profile is RADIUS (Windows NPS server)PAN OS 10.0.4Tests:Authentication to web interface works for user via RADIUS profileAuthe...

D_Baerry by L1 Bithead
  • 4483 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect - Use Machince Certificates for Authentication

Hi everyone, at the moment our GlobalProtect Infrastructure is only using LDAP for authentication, which is a problem since users should only be allowed to connect to GlobalProtect via a corporate Windows notebook.As a second factor we would now like to use machine certificates. We have already rolled out machine certs to every machine by an int...

Enabling multi vsys on a prod firewall.

I’m planning to create multi vsys on my palo alto. I just wanted to know if my existing configuration (interfaces, aggregate interfaces and rulebase) will be moved as it is to vsys1 or they need to be mived manually? I have aggregate interfaces layer 2 in my environment so I need to assign vlan interfaces to vsys and keep parent port in no vsys ...

HA1/HA2 speed recommendations for a PA5200 series setup (A/P)

I'm not sure if this documentation exists somewhere but I can't seem to find it.we have a customer with palo alto 5200 series firewall.due to covid-19 (as is the case with so many companies they are currently production stress testing the firewall with extra load due to teleworking, etc)the firewall handles it fine. however the ha1 and ha2 inter...

Resolved! Authenticating a PC based application

We have an old vertical application that can connect to a web server via https and that populates the datain the desktop application (thick client). Mgt Team would like there to be two factor authentication. But if the thick app does not support two factor I think that's a non-starter. Or could there be some way that a legacy app not designed fo...

Reconnaissance query

Hi Team,Is it possible to whitelist on the basis of destination for scanning port. I can see in Reconnaissance configuration we can only whitelist on the basis on source address. But more than 500 sources are available to scan port so its difficult to allow those for specific destination address. Please suggest. regards,Shiv

Cortex XDR Agent management questions - stragglers and operation status

I've deployed the cortex agent to all of our servers and now need to find stragglers (servers without agents running). I also need a method to know that not only are the agents installed and running but they are actually running as designed. I noticed there is a network scan in the portal for cortex but it only shows IPs for the devices, so I d...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks