This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4353 Views
  • 0 replies
  • 0 Likes

Resolved! Logging - advise if CPU load same regardless of log export method HTTP(s) Syslog and Netflow logging

Hello Experts, I tried to find any information to assist with understanding if some log export protocols taxing CPU (Management and DP) more then others. Perhaps ones DP pass log events to MP it is for Management to package and ship the logs, therefore, as long as some rules has logging enabled, the DP load will be the same regardless of the pro...

SergGur by L2 Linker
  • 4096 Views
  • 2 replies
  • 0 Likes

Resolved! secure email alert configuration.

Hi, I have now a problem and that is I have been through all discussions here related to email alerting, but all uses non-authenticated smtp.my problem that my used email uses secured smtp server, means I need to enter my email smtp authentication information which is not available in my current PAN-OS 9.0.any ideas how to configure this authe...

IP Spoofing understanding

I'm planning to implement IP drop - under Zone protection on a production system. I'm really only interested in the ' IP Spoofing ' aspect & I'd like to understand a little more on how it works so that I can addresses any issues, should they arise. Is the basis of IP spoofing to stop any RFC 1918 addresses from coming into the FW from the u...

smk391 by L0 Member
  • 15568 Views
  • 1 replies
  • 0 Likes

I can't open Support Cases.

I can't open Support Cases. Becauase single sign on error. I cleared the browser cache and tried with other browsers too. Other options work fine, but only the Support Cases is not open. What should I do?

Not opening login page to login

I'm using GlobalProtect to connect to a customer.Earlier a "web" page opened to type in my user name, now it's not happening anymore. It's trying to use my company login which is wrong, I have a account at the customer. My IT helpdesk, is telling me to contact customer IT helpdesk, and the other way around.I quess I just need this Microsoft to o...

mosekjar_0-1606290028954.png
mosekjar by L0 Member
  • 1889 Views
  • 1 replies
  • 0 Likes

Testing "Security-Focused URL Categories"

Is there a way to test the "Security-Focused URL Categories" with some example of URLs that would match the category?I went looking for them in my log after setting them to Alert and found none. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/url-filtering/url-categories/url-risk-categories.html

BoDollis by L1 Bithead
  • 2029 Views
  • 1 replies
  • 0 Likes

GlobalProtect with Azure MFA - Double login (username+password)

Hi, we have a customer with GlobalProtect with MFA from MS Azure. The setup works fine but we are still unable to get rid of a "double login". Not the MFA with a SMS on phone but the regular username/password combo.Usually it goes like this: 1. Login with username/password. 2. Redirected to the same page. 3. Login with username/passowrd. 4. SMS ...

https://etm.ru website haven't open

Hi All, We have tried to access one Russia URL (https://etm.ru) from our INT-trust and VPN zone while the result is ERR_HTTP2_PROTOCOL_ERROR and have tried with different browser but result is same . We could access through VPN external US gateway ( In our global product we have multiple external gateways) but it wasn't work from rest of the ga...

Geo Blocking problem

Hi, I am using Palo Alto (PA) firewalls hosting Software Version: 8.1.17 in AWS and need to configure Geo-Blocking so that only GB (United Kingdom) requests are permitted and all other requests denied. The infrastructure setup is as follows:FQDN => Internet Load Balancer => Palo Alto => Internal Load Balancer => EC2 instance I have ...

security policy source 1.PNG
security policy source 2.PNG
PA_1.PNG

Deduplication issue and config document regarding aggregator and output

Hi Experts, I’m testing with Splunk but, I got a problem about deduplicate. I’ve been input different 1000 indicators of IPv4 after deduplicate, there is 750 indicators of IPv4. below one IP address has a different value but, after deduplicate, I can see only one indicator. My expectation is that don’t deduplicate or there is multi value for t...

그림1.png
image002.png
jilim by L1 Bithead
  • 3447 Views
  • 1 replies
  • 0 Likes

Interzone Static Routing

Hi all, I'll preface this as I'm the sole networking guy at my job and I'm still green. Apologies for any dumb questions, I've tried to read the manual for relevant info and used my google-fu to no avail. I'm using a PA-3020 on firmware 8.0.6. I've been asked to integrate a new Cisco ASA for a financial system that allows a tunnel between my sit...

error user in group mapping

Hello, After upgrading to 8.1.X > 9.0.X > 9.1.x. we found that some ldap users do not check per user policies, only for ip politicies. The firewall has no user-id configured, only tree server ldap. we check that the firewall recognizes the Ldap tree. Is there any issue of incompatibility with the version? Thanks.

BigPalo by L4 Transporter
  • 4839 Views
  • 6 replies
  • 0 Likes

Resolved! Error when creating PBF Policy - IP does not match subnet

I want to create a PBF Policy in order to route traffic from one zone/interface destined for the Internet to a transparent intercepting squid proxy in another zone/behind another interface. Using a destination nat policy seems to work, but some other problem occurs and I was advised to try a PBF. The PBF is defined as follows:Source:Type: Interf...

daubsi by L1 Bithead
  • 8056 Views
  • 4 replies
  • 0 Likes

Resolved! Device Certificates Intermediate Cert

Hello,On Device>Certificate Management>Certificates - I have a IntermediateCert, under the RootCert, that is expiring. I can easily renew it, (It's self signed), but I'm trying to understand what its being used for. I haven't found any information that easily explains it, (just basically how to install, renew, etc).How can I find out what ...

roma by L2 Linker
  • 3391 Views
  • 1 replies
  • 0 Likes
  • 24365 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks