This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Layer 2 sub interface with vlan is not working

Hi all, I am trying to configure palto interface in layer 2 mode as trunk and Vlan interface as SVI. Interface interface type IP address Tag Vlan Sucurity zoneethernet 1/10 layer2 none none none Mgmt-Trust-L2I need t...

Resolved! IpSec Tunnel Up but not passing traffic

Hi all, I have "Inhand Ir611" Industrial Cellular Router and Palo Alto in office. I have configured Inhand router and i have reach to internet. Than i setup Ipsec Tunnels to my Office Palo Alto. Everything looking good after configuration and restart the device. I have check PA side. Tunnel Up and Ike Up i have two green dot in PA. But i can't r...

Lacrymae by L1 Bithead
  • 8559 Views
  • 3 replies
  • 0 Likes

Techdoc resources not appearing in Live Community search.

Hello, First, my assumption is Technical Documentation is the same as Techdocs. Here's my scenario. I'm working in Prisma Cloud testing a workflow. I click the help (?) at the bottom right corner of the page and navigate to Other Resources - Get Help. It takes me to Live Community. At the Live Community page I want to find two resources:Integrat...

JBrooks by L1 Bithead
  • 5726 Views
  • 4 replies
  • 0 Likes

alert action or default(alert) - No logs seen

Hello , I have created an Antivirus Profile The action i have set is Alert and not default(alert) . Similarly Wildfire Action in AV profile is also "Alert" However when i see Threat Logs and filter by ( subtype eq virus ); i cant see any log I can however see logs for subcategories spyware and vulnerability Also , i cant see anything Wildf...

Resolved! Query for DNS Security

Hello, In anti-spyware Palo Alto DNS security option, the default action was already on alert.We don't have DNS Security License.1. What should be the default action which I keep? Should I keep on alert or sinkhole?2. If I keep the action on sinkhole will it disturb DNS traffic?

can we mitigate CVE-2021-3031 PAN-OS by restricting dataplane interfaces of NGFW

CVE-2021-3031 PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random informati...

Deepak_K by L3 Networker
  • 2323 Views
  • 1 replies
  • 0 Likes

MS-Teams Update Security Policy Help

Hello all, I'm trying to fine tune a security policy to allow MS-Teams to update; based on what I can see the logs, it seems to contact statics.teams.cdn.office.net for the update. I have created a single policy with that destination as a FQDN, allowing the usual ports and applications. However, the rule is never hit, it skips over it and hit...

COlson by L2 Linker
  • 4546 Views
  • 3 replies
  • 0 Likes

Resolved! Alert action in Security profile

Hello , We are enabling Security features like Antivirus , Antispyware , Vulnerability protection , Filer blocking etc . We want initially to monitor the traffuc We are putting the action as " Alert " . Just wanted to confirm that it wont block anything ?

how to check list of users of particular group who are connecting Global protect.

We want list of users of particular group who are connecting Global protect.Reason behind this requirement is to get number of users from particular group who are connecting GP. So accordingly we can purchase the licence for 2FA from third party vendor.We have added multiple groups for GP authentication , if 100 users in HOD group and from them ...

Deepak_K by L3 Networker
  • 5466 Views
  • 5 replies
  • 0 Likes

Wildfire behaviour

We can not understand at all how Wildfire works. We realised that WF detects files that have been downloaded and categorized as malware can continue to be downloaded for a long time, this behavior is not the expected, which indicates that once it is categorized as malware, the signatures are automatically updated in a short time and the next tim...

BigPalo by L4 Transporter
  • 3183 Views
  • 2 replies
  • 0 Likes

Resolved! failed panorama migration

hii attempted to migrate an HA pair to Panorama which went bad. I had only pushed to passive and when i tried to make it active, everything went down.had to make the previously active firewall actve again, and load last save on passive to recover the passive firewallnow, after after disabling panorama setting in firewall>device>setup, i ha...

josggf by L2 Linker
  • 14359 Views
  • 14 replies
  • 0 Likes

Resolved! How to see a specific incoming IP

Hello, I am new to Palo Alto Firewalls still learning. I as asked to see a specific IP that is attempting to connect to my FW. Can someone please point me in the direction to see an incoming IP? I see on the GUI "Monitoring" and "ACC" tabs. Is there Training Material or commands that show how?

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks