General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 93 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3334 Views
  • 2 replies
  • 14 Likes

traffic segmenation affect app-id

Hi

 

So I am working through a ssl decrypt issue with PA support. I am being told that because the stream is being segmented - so not coming as 1500mtu packets. the PA can't work out what the stream is.

 

The implication is that app-id doesn't work prope

...

Hardware Problems in PA 3220

I had similar problems in 4 firewall pa 3220 in which I could not even enter maintenance mode to take it to the factory reset mode and I had to send them via RMA to the 4 firewalls  for their change. Someone had a similar problem ,  to me a lot of at

...

URL 9.0 URL Category Cache Build Time?

How long does it take for the URL categories to build in the 9.0 release?   We have an issue with google-base app, where almost all google searches come back as the 'not-resolved' category for the first 5 minutes when we change datacenters.   8.1 you

...

Sec101 by L4 Transporter
  • 2551 Views
  • 2 replies
  • 0 Likes

Resolved! Shadow Rule Notice - Really Not a Shadow

I have a firewall (lab unit) with version 9.1 and I configured two Security Policy Rules.

The top rule (1) is Trust to Untrust, a source user is a group, all default options, and an Action of Deny.

The second rule (2) is Trust to Untrust, a source user

...

Migrate pa vm to pa 820 facing issues

Hi to all,

one of our customer migrated their complete infrastructure from PA VM to PA 820 physical device.

post migration they are facing issues like, they have generated report and seeing PA 820 and PA VM as well.

 

but here thing is, customer doesn't

...

RameshD by L0 Member
  • 1903 Views
  • 3 replies
  • 0 Likes

setting counter thresholds with snmp monitoring

Any one have a good handling on where to set dos counter thresholds for alerting via SNMP?

 

Also trying to figure out what are the best ~50 sensors to monitor for the firewall via SNMP.

 

pan tcp drop packet, pan flow dos pf strict ip, and pan flow dos

...

Resolved! Destination NAT issue or routing change

Hi All,

 

I have had a destination nat running for months without issue.

 

NAT: Source VPN Interface to Inside Interface: Destination Address: 192.168.90.231 Destination Translation: 10.0.8.82

 

Rule: Source VPN to Inside : Source IP to 192.168.90.231

 

It h

...

a.jones by L3 Networker
  • 2225 Views
  • 2 replies
  • 0 Likes

Iphone MAC won't connect Global Protect

Hello All,

We have Global Protect License for mobile we upgraded recently to 5.0.8 and i see my iphones will not connect.

did any one face this issue ? Works fine with windows and desktops only with iphone i face the similar issue.

Any help will be much

...

Possible bug in 'load config partial' command

Hello

 

Yesterday I was setting up a new PA-220. As always I cloned template and used load config partial command to clone device-group:

 

load config partial mode replace from-xpath /config/devices/entry[@name='localhost.localdomain']/device-group/entry

...

WildFire for the new guys

When I started using Palo Alto firewalls about a year ago, I heard the term 'wildfire', but didn't know what it was.

 

So, for anyone else who may be new, here's wildfire in under 5 minutes:

https://youtu.be/bj9Scj-QKEY

 

Luke_R by L2 Linker
  • 2098 Views
  • 1 replies
  • 0 Likes

DHCP Lease Time

Hi
We are distributing dhcp with mac reserve on paloalto. rental period is 10 minutes. is this time too short? Does the system get tired because the time is short?

Aykut1 by L1 Bithead
  • 3527 Views
  • 4 replies
  • 0 Likes

FQDN Addresses

I need your help on this please.

 

Is it possible to have a wildcard FQDN as a source or destination address (example *.microsoft.com)

 

Is is possible to mix wildcard FQDN with a non wildcard FQDN in an address group (example add in *.microsoft.com with

...

rockfort by L1 Bithead
  • 2229 Views
  • 2 replies
  • 0 Likes
  • 24126 Posts
  • 100 Subscriptions
Top Solution Authors
Labels