General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1712 Views
  • 0 replies
  • 0 Likes

Strange behaviour of HA pair active passive

Today i've noticed a strange behaviour of HA pair of Pa820 (panos 8.1.6) in Active passive configuration.

In the dashboard page i've noticed the running config not in sync with peer.

So i checked the differences with the diff button and i discovered th

...

Clip.jpg
Clip_3.jpg
Clip_4.jpg
Padmin7 by L0 Member
  • 3238 Views
  • 2 replies
  • 0 Likes

Resolved! DOS profile for critical servers

Hi Guys,

 

I want to create the DOS profile for critical servers. I read that I can use classified type so connection count toward only one IP address.

My question is can I add multiple servers IPs in same DOS Rule or I need to create multiple DOS rules

...

shafi021 by L2 Linker
  • 4007 Views
  • 3 replies
  • 0 Likes

Have you heard of the Cyber Elite?

In case you missed it, the LIVEcommunity team has just introduced the LIVEcommunity Cyber Elite program.

 

What is the Cyber Elite program you ask? 

This is a program that we have helped create to recognize the Expert members of the LIVEcommunity. 

...

pan_live-community_cyber-elite_v3.png
jdelio by L7 Applicator
  • 6205 Views
  • 3 replies
  • 11 Likes

HL7 Traffic / Unknown-TCP traffic gets denied.

We are standing up some new PA firewalls and have been testing with some HL7 servers.  Testing has been going well until recently where "unknown-tcp" traffic gets denied.  It seems that it only happens when the transfer of a specific file/message is

...

rkoenig by L3 Networker
  • 12987 Views
  • 11 replies
  • 0 Likes

Resolved! Public to Public RFC 1918 blocks

Hi,

 

I am looking to block the RFC 1918 blocks coming from internet to our LAN zone. So, Policy will be Source zone: Public , IP: RFC1918 blocks, Destination zone: LAN, IP : any .

Can you guys please confirm that creating this policy will fulfill my re

...

shafi021 by L2 Linker
  • 6806 Views
  • 2 replies
  • 0 Likes

Primary and Secondary SSL VPN global protect

One question that comes in my mind, can we use fallback URL or IP in Global Protect client? Like in Cisco AnyConnect, if the primary VPN Server or internet source is down then client connect with the secondary internet source automatically.

aneeqzia by L0 Member
  • 3652 Views
  • 3 replies
  • 0 Likes

Resolved! x-forwarded-for header in traffic log on AWS VM

Hello,

 

My FW is behind ALB, so I want to see original Src IP.

 

I enabled "use x-forwarded-for header in user-id" setting and user-id on the zone.

But there is no info on source user column in traffic log.

 

I can see the information in url filtering logs

...

yhlee1 by L2 Linker
  • 6108 Views
  • 5 replies
  • 0 Likes
  • 24222 Posts
  • 117 Subscriptions
Top Liked Authors
Labels