General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 650 Views
  • 5 replies
  • 3 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3319 Views
  • 2 replies
  • 14 Likes

Resolved! Can you Exclude an address from your traffic search?

the following search string 
( app eq dns ) and ( port.dst eq 53 ) and ( addr.dst in 8.8.8.8 )

searches and displays all dns traffic using port 53 that has the destination ip of 8.8.8.8

I would like to know if I can look at all dns traffic traveling on

...

Expedition migration tool steps

Hello all,

 

I am planning to migrate our two checkpoint HA clusters (Active-Standby) with Palo Alto with the help of Migration tool. I never used migration tool ever. Can someone brief me steps to be followed for successful migration?

johnde by L2 Linker
  • 2990 Views
  • 1 replies
  • 0 Likes

Resolved! Configure WebGUI certificate from CLI (PanOS 9.0)

Dear all,

lost access to the WebGUI.

opaque: websrvr: Exited 4 times, waiting 1770 seconds to retry

 

Before that I received another email from the firewall:

opaque: Shared certificate xxx and corresponding key have expired.

(OK, I know, my fault)

 

So I sus

...

high MP CPU load due to appweb3 process

PA-5020, sitting on 8.0.4.

From time to time MP load increases rapadily due to appweb3 process going above 300%. Looking like this:

 

There is no direct correlation found between the spikes and actions taken within the GUI. Spike may go on for a while -

...

cpu-load.png
nikoo by L3 Networker
  • 7535 Views
  • 4 replies
  • 0 Likes

QOS Bandwidth Limitation Download & UPLOAD

I would like to understand bandwidth limitation steps on Internet download and upload

 

Example - lets say i want to restrict steaming url category on download and upload

 

1. create QOS policy to map traffic going to inside to Internet  youtube as Class

...

kan0062 by L1 Bithead
  • 5425 Views
  • 1 replies
  • 0 Likes

Resolved! After Forward Trust certificate is renewed

After Forward Trust certificate is renewed is there a way to validate the renewed certificate is working correctly from either GUI or CLI?
Device > Certificate Management > Certificates > Forward UNTrust Certificate

GP prompts for internal gw connectivity

Hi all,

 

I've deployed a GlobalProtect installation solely for the purpose of User-ID. The GP agent connects to the internal portal/GW (one box) upon login with Kerberos SSO. However, when the internal gateway is not reachable (user has no network, us

...

GP GW Prompt.png
Arne-VDH by L3 Networker
  • 6335 Views
  • 12 replies
  • 0 Likes

Resolved! API - Manage Users for VPN access

Hello Community,

 

i'm currently planing a project which should be able to control the VPN user access via the API.

It should be a simple tool where you just need to click a single button. The tool then activates or deactivates the user for that VPN via

...

JustAGuy by L1 Bithead
  • 3068 Views
  • 3 replies
  • 0 Likes

Resolved! TCPDUMP execution

 Hello,

 

I have to do a TCPDUMP to test the communication of my Active Directory because a have a problem with the User-ID service. 

 

I have read the documentation and I don't understand when says that the TCPDUMP captures the traffic that traverses th

...

iscott by L2 Linker
  • 2293 Views
  • 1 replies
  • 0 Likes

Resolved! Static Route Path Monitoring Clarification

Hi,

 

Let's say a scenario where I have a default route configured to go out interface 2 with a Metric of 10

 

Then I have another static route to go out interface 3 with metric of 5. On this route I setup path monitoring to ping an ip address that is ac

...

RITS5446 by L0 Member
  • 2819 Views
  • 1 replies
  • 0 Likes

Resolved! NCAA 2020 App-ID

Is there any timeframe for when the new NCAA app-id's released for March Madness?  I found the 2017 app-is signatures, and a link for the 2018 signatures but was not able to access the files.

  • 24127 Posts
  • 100 Subscriptions
Top Solution Authors
Labels