General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 546 Views
  • 0 replies
  • 2 Likes

Unable to open a support case

Is anyone else having problems opening a new support case via supportcases.paloaltonetworks.com?  Whenever I try to open a new case I am able to complete step 1 just fine however when I get to the section of selecting the asset effected there are no

...

Screenshot 2020-11-18 084201.png

Support license -who own serial number

Hello , We have a customer B who was earlier supported by a Company X 

 

Now customer renewed all the Licenses -Threat Prevention , GP , URL filtering etc through our company Y ( We are PA Partner)  and also the Support contract with us ;

As per custome

...

Best Practices query for Security settings

Hi ,

 

I have a customer who has Threat prevention , AV, Wildfire ,licesne

 

The Network is divided into various Security Zones - like Users , Printers, Voip , Front end servers , Backend Servers , there are around 15 zones

 

Now we have the BPA report and

...

Resolved! Session End Reason auth-policy-redirect

Allowed all http and https traffic to Untrust, still the traffic on port 80 is getting blocked. Any idea why it is So?  

 

Rule allowing http and https traffic

 

 

Traffic log

Rule.jpg
APR.jpg
Bijesh by L1 Bithead
  • 13820 Views
  • 3 replies
  • 0 Likes

LAB'ing PaloAlto

Hi, 

 

I have installed a couple of PA-vm firewalls but i am not able to test upgrading PAN-OS or enable multi Vsys support.

Am I using the wrong model in the lab? Is there a way I can do the above? Are there any trial licenses without limitations?

 

I lo

...

qasim02 by L2 Linker
  • 2415 Views
  • 2 replies
  • 0 Likes

scheduled policies to affect existing sessions

Dear community,

 

I configured schedule on policies and it seems that as per design the existing sessions are not affected by the schedule:
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-schedules.html 

 

Meaning th

...

Carracido by L3 Networker
  • 1820 Views
  • 1 replies
  • 0 Likes

LIMIT SERVICES (2000) IN PA 5020 ios 8.1.10

HELLO EVERYB,

 

i there any way to increase de limit of servies? in our case er arrive to  2000 service (ports) in PA 5020 WITH IOS 8.1.10?

 

have i to increase at the hardware level? or sfoftware?

 

thank u so much

JESELITO by L1 Bithead
  • 3387 Views
  • 5 replies
  • 0 Likes

Request a Signature for CVE be Mitigated

Is there a proper way to request a CVE be mitigated by the Palo firewall and added to the Threat Vault?  

I have read the conditions for a signature being added, but it doesn't tell you where to request one. 

 

https://knowledgebase.paloaltonetworks.com

...

RMaine by L0 Member
  • 2677 Views
  • 3 replies
  • 1 Likes

Resolved! Traffic hitting policy rule it shouldn't

Hi,

 

PanOS 9.1.0

I need to block traffic to certain websites and domains.

I created a URL Category object and put just one site inside (example.com).

I then created a firewall rule like this:

 

Source zone: LAN

Source address: any

Dest Zone: WAN

Dest address:

...

Error in CEF format for Threat logs

The following guide provides the parsing for CEF-style Log Formats for PAN-OS 9.1:

https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/cef/pan-os-91-cef-configuration-guide.pdf

 

We have been using this for a while, but because now we have

...

MarcelST by L3 Networker
  • 3356 Views
  • 1 replies
  • 0 Likes

List all deny rules from cli

I have to list all deny rules (from cli)

The following command "show running security-policy | match index " list all security rules by name

For example:

"AllowBrach1IN; index: 1" {

....etc

What I want is:

- deny INBOUND traffic rules only but regarding en

...

jls3j999 by L1 Bithead
  • 6761 Views
  • 14 replies
  • 0 Likes

Resolved! PaloAlto 5260 upgrade

Hi, 

I am upgrading so PA firewalls from 8.1.7 and 8.1.9 to 8.1.13, normally I wouldnt ask these questions but since these firewalls are extremely critical I need to be extra cautious. 

been looking at the upgrade Matrix and couldnt see a clear answer

...

qasim02 by L2 Linker
  • 3584 Views
  • 4 replies
  • 0 Likes
  • 23740 Posts
  • 110 Subscriptions
Top Solution Authors
Top Liked Authors
Labels