This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4468 Views
  • 0 replies
  • 0 Likes

radius user group

Hello! I'm studying the PCNSA, may I ask you a question about a security policy?The "it" group in that policy could be a Radius group imported on the FW?Or could be a way to map users to group? PS:it would be very useful if Palo Alto offered a free VM lab to test which we are learning, anyone know if it's already been provided? Many thanksAle

group palo alto.png

Resolved! Transport of Decrypt Port Mirror traffic to a remote Switch/Server

We've been trying to redirect the decrypted port mirror traffic to a remote sever in the network.If we plug a notebook into the decrytp port mirror of Palo Alto, we see all the decrypted traffic in Wireshark.So, we tried to connect PA port into a switch and use Cisco RSPAN to send the traffic to our remote Server. It just doesn't work.I may be f...

Resolved! What's The Difference Between Interface VLANs Tab and VLANS Section In Sidebar? (PA-220)

Hi all, I'm confused as to what the difference is between the "VLAN" tab under "Interfaces" in "Network and the "VLANs" section in the sidebar in "Network"? My goal is to create a couple of different VLANs for a network where certain traffic has to be segmented from other traffic. All of my ports are operating on L3. Thanks!

Resolved! Query on clientless VPN

We are told that the clientless apps only works with HTTP/HTTPS based apps, and therefore we cannot use it to allow MS remote desktop. This is the problem I am trying to solve. Our users currently use their own computers at home. They connect to the corporate network using Global Protect, but of course this could be a security risk if one of th...

NEED TO CREATE NEW VYSYS ON FIREWALL MANAGED BY PANORAMA

Hi Team, I am planning to create new vysys on firewall which already managed by panorama. In this case if i enable it from panorama and push the configurations to local firewall will create automatic device group and templet will be crated are do i need to create it manually. Please help me here @Bpray

saifulla by L0 Member
  • 2677 Views
  • 1 replies
  • 0 Likes

Resolved! Dynamic user group using HIP log tagging

Hi Team, I am trying to create a Dynamic user group using Log settings for HIP logs by the following procedure,1- created one Tag2- Configured log settings for HIP log for build in action tagging the source user with the tag created before3- created a dynamic group with the above tag as match criteria.The dynamic users are not getting registered...

NAT question

Hello all,we have configuration with dual ISP.From the 1st provider we get public IP directly on the PA2nd provider is with nat, i mean on PA we have private IP. When the route goes through the 1st one everything works fine. When we switch to the 2nd one there is a problems . In the monitoring tab i can see all requests to Internet zone ends w...

stef by L2 Linker
  • 4485 Views
  • 5 replies
  • 0 Likes

How export a specific log files from Palo Alto or Panorama like for example brdagent.log ?

Hello to All, How can for example the log fil brdagent.log be exported for checking physical issues like in article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PNcBCAW&lang=en_US%E2%80%A9 or is there a way export all the logs (dp/mp/cp) ? Also should we first aggregate the logs on a firewall model 7000 befor...

GlobalProtect VPN Client Mac OSX Secure Input

I've got a user that uses keyboard maestro (an application) to run macros for software development. The issue is that keyboard maestro requires secure input (Mac OSX feature) to be disabled to be able to run. GlobalProtect since it starts as a service enforces secure input (the Mac osx feature) to be enabled. I've looked through the app config w...

Query on health check of new PA

We recently got shipped 2 new PAN-PA-3220 and both of them were DOA. ing PAN Software: 2021-03-10 21:02:39.170 -0800 Error: sysd_construct_sync_importer(sysd_sync.c:358): sysd_sync_register() failed: (111) Unknown error code2021-03-10 21:02:40.170 -0800 Error: sysd_construct_sync_importer(sysd_sync.c:358): sysd_sync_register() failed: (111) Unkn...

Tech Support File Contents

Hello, I tried to search online a lot but I could not find what exactly are the contents of tech support file are that we occassionaly download and send to tech support for support. Could someone please throw some light on what exact information is downloaded in tech support file?

psharma by L1 Bithead
  • 12878 Views
  • 8 replies
  • 0 Likes

Resolved! Monitoring internet connectivity

Is there an way to monitor if\when internet connectivity is lost on an interface on Palo 5220? We are trying to determine if our internet connection is going down occasionally (for just minute or less), but not finding anything on the Palo to indicate an internet bounce other than IPsec tunnels renegotiating. One thought was to set up probes f...

Jsytsma by L0 Member
  • 9964 Views
  • 2 replies
  • 0 Likes

Resolved! HAFNIUM targeting Exchange Servers with 0-day exploits

Hi all,Anyone have update relate to "HAFNIUM targeting Exchange Servers with 0-day exploits", I don't search any information relate to this nofication:https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/Our customer have ask me about this signature of PANw tHANKS,

ThomasX by L1 Bithead
  • 7726 Views
  • 4 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks