This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

Resolved! How to see a specific incoming IP

Hello, I am new to Palo Alto Firewalls still learning. I as asked to see a specific IP that is attempting to connect to my FW. Can someone please point me in the direction to see an incoming IP? I see on the GUI "Monitoring" and "ACC" tabs. Is there Training Material or commands that show how?

DNS Security scaling?

Hello, We're looking at replacing some Fortinet and Juniper devices with PA's but can't find any details as to how many entries can be cached with the "DNS Security" feature. I have a lab 220 I'm using but the output of the commands don't seem to show how many entries the cache can hold.debug dataplane show dns-cache statistics Aggregated DNS ...

9_volt by L0 Member
  • 3984 Views
  • 2 replies
  • 1 Likes

Slow ISP bandwidth through PA-3020

We upgraded to a 1gb/s internet connection from a 50mb/s on Friday. For some reason we are only seeing a max of maybe 250-300mb/s but in most cases we are at 175mb/s. We have a PA-3020, with App-ID enabled and Threat. We did our research before upgrading and thought we would see closer to 1gb/s with this firewall. Any ideas on what we can chec...

Resolved! Wildfire actions

Hi ,i have 3 question for wildfire 1)If we define wildfire profile , and call that profile in a security rule , only that particular rule will be effective for wildfire analysis and not all the rules in the policy ? 2)Also , as a starting point , we want to limit sending all the file types to Wildfire , is there any initial level Wildfire catego...

PA 3000 Make users accept TOS before browsing the web

Hello, we use our PA 3000 as a router to distribute our ISP to multiple locations. Is there a way that I can make it so when a user try's to browse to the web either a pop up or a redirect happens so that they have to accept terms of service prior to being allowed to continue?

Jenkins by L0 Member
  • 2588 Views
  • 2 replies
  • 0 Likes

UserID issue when using RDP via GlobalProtect client

Hello,I have the following issue when using RDP via GlobalProtect client.Situation:PaloAlto 820 with PAN-OS 9.0.9, GloablProtect Client 5.2.4, Windows 2016 Active DirectoryFor remote access we use GlobalProtect with Active Directory accounts (RADIUS authentication to AD)User-ID is used utilizing an UserID agent installed on the DCUser-based poli...

Cyber Elite video interview with Brandon Pry !

Just in case you missed it, our very own Cheryl Rasmussen took some time to interview one of our new Cyber Elite Members, Brandon Pry (@BPry) . Take a moment to check out Cheryl's blog and watch the video interview here: https://live.paloaltonetworks.com/t5/blogs/spotlight-interview-with-bpry/ba-p/373666 Super happy to have you on board in t...

Bpry.jpg
kiwi by Community Team Member
  • 4752 Views
  • 3 replies
  • 5 Likes

Resolved! Device certificates for Panorama-managed devices

Hi,The screen below is from support.paloaltonetworks.com in Assets/Device Certificates.I am trying to get the device certificates for the firewalls that are managed by Panorama, without doing it locally on each firewall.In Panorama, where to I go to get the "text/code provided by your Panorama"???That little blue "I" info button provides no info...

ksalustro_0-1610398739744.png
ksalustro by L3 Networker
  • 5065 Views
  • 2 replies
  • 0 Likes

Resolved! Share User-ID among VSYS

How to best share user-id's or ip/User-mapping between different vsys. I want share user to IP-mapping for users connecting through global protect in separate vsys. But i think usecase can be extended to non GP mappings too.

raji_toor by L4 Transporter
  • 3632 Views
  • 2 replies
  • 0 Likes

Enabling Security Features

Hi ,We have a customer running a cluster of PA 3060 . The goal is to enable security features on at least 30-40 percent of the rules initially . likeURL Filtering AntiVirusAntispywareWildfireVulnerability Assessment Are there any Best practices rules which covers or are generic to most ( if not all) organisations ? SSL Decryption is at later st...

Panorama Variables for HA A/A

Hi everyone!We have an HA A/A deploy, management vía Panorama.Have i any Variable to use for NAT's like Device-ID? to perform macro configurations? Regards

Rojaba by L0 Member
  • 2511 Views
  • 2 replies
  • 0 Likes

Resolved! Filter Output By Category

Hello everyone,I'm working with the Proofpoint EThreat,I'm trying to filter the output feed based on ET category.to archieve this, i'm editing the Output Node stlib with this condition:- actions:- acceptconditions:- confidence > 75- share_level == 'red'- proofpoint_etintelligence_categories == 'VPN'name: category CnC But it doesn't work, prob...

bereon by L0 Member
  • 3065 Views
  • 1 replies
  • 0 Likes

Windows Server 2003 with Agentless User ID

Hi guys, I am setting up agentless user-id with Windows Server 2003 Active Directory. My PAN-OS version is 8.1.16. For the setup, i've followed the guide here:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGGCA0 Currently i am being hit by this error message:When I looked up for NT error code 0xc002001b, it shows tha...

codemsittc_0-1610365644609.png
codemsittc_1-1610366073752.png
codemsittc_3-1610366486241.png
codemsittc_2-1610366325671.png
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks