General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 264 Views
  • 0 replies
  • 1 Likes

traffic segmenation affect app-id

Hi

 

So I am working through a ssl decrypt issue with PA support. I am being told that because the stream is being segmented - so not coming as 1500mtu packets. the PA can't work out what the stream is.

 

The implication is that app-id doesn't work prope

...

Hardware Problems in PA 3220

I had similar problems in 4 firewall pa 3220 in which I could not even enter maintenance mode to take it to the factory reset mode and I had to send them via RMA to the 4 firewalls  for their change. Someone had a similar problem ,  to me a lot of at

...

URL 9.0 URL Category Cache Build Time?

How long does it take for the URL categories to build in the 9.0 release?   We have an issue with google-base app, where almost all google searches come back as the 'not-resolved' category for the first 5 minutes when we change datacenters.   8.1 you

...

Sec101 by L4 Transporter
  • 2777 Views
  • 2 replies
  • 0 Likes

Resolved! Shadow Rule Notice - Really Not a Shadow

I have a firewall (lab unit) with version 9.1 and I configured two Security Policy Rules.

The top rule (1) is Trust to Untrust, a source user is a group, all default options, and an Action of Deny.

The second rule (2) is Trust to Untrust, a source user

...

Migrate pa vm to pa 820 facing issues

Hi to all,

one of our customer migrated their complete infrastructure from PA VM to PA 820 physical device.

post migration they are facing issues like, they have generated report and seeing PA 820 and PA VM as well.

 

but here thing is, customer doesn't

...

RameshD by L0 Member
  • 2083 Views
  • 3 replies
  • 0 Likes

setting counter thresholds with snmp monitoring

Any one have a good handling on where to set dos counter thresholds for alerting via SNMP?

 

Also trying to figure out what are the best ~50 sensors to monitor for the firewall via SNMP.

 

pan tcp drop packet, pan flow dos pf strict ip, and pan flow dos

...

Resolved! Destination NAT issue or routing change

Hi All,

 

I have had a destination nat running for months without issue.

 

NAT: Source VPN Interface to Inside Interface: Destination Address: 192.168.90.231 Destination Translation: 10.0.8.82

 

Rule: Source VPN to Inside : Source IP to 192.168.90.231

 

It h

...

a.jones by L3 Networker
  • 2511 Views
  • 2 replies
  • 0 Likes

Iphone MAC won't connect Global Protect

Hello All,

We have Global Protect License for mobile we upgraded recently to 5.0.8 and i see my iphones will not connect.

did any one face this issue ? Works fine with windows and desktops only with iphone i face the similar issue.

Any help will be much

...

Possible bug in 'load config partial' command

Hello

 

Yesterday I was setting up a new PA-220. As always I cloned template and used load config partial command to clone device-group:

 

load config partial mode replace from-xpath /config/devices/entry[@name='localhost.localdomain']/device-group/entry

...

WildFire for the new guys

When I started using Palo Alto firewalls about a year ago, I heard the term 'wildfire', but didn't know what it was.

 

So, for anyone else who may be new, here's wildfire in under 5 minutes:

https://youtu.be/bj9Scj-QKEY

 

Luke_R by L2 Linker
  • 2241 Views
  • 1 replies
  • 0 Likes

DHCP Lease Time

Hi
We are distributing dhcp with mac reserve on paloalto. rental period is 10 minutes. is this time too short? Does the system get tired because the time is short?

Aykut1 by L1 Bithead
  • 4371 Views
  • 4 replies
  • 0 Likes

FQDN Addresses

I need your help on this please.

 

Is it possible to have a wildcard FQDN as a source or destination address (example *.microsoft.com)

 

Is is possible to mix wildcard FQDN with a non wildcard FQDN in an address group (example add in *.microsoft.com with

...

rockfort by L1 Bithead
  • 2492 Views
  • 2 replies
  • 0 Likes
  • 23630 Posts
  • 107 Subscriptions
Top Liked Authors
Labels