This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Jquery Version - JQuery 1.2 < 3.5.0 Multiple XSS

Hi teamWe received this vulnerability in the report by our vendor for our PA"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by a cross site scripting vulnerability"and solution for this its saying "Upgrade t...

Resolved! Possible Reason Why Palo Rejecting SMTP traffic containing attachments.

Hi All, I was . Over the past couple of days we have seen a increase in delayed or non delivered emails that contain attachments greater that approx. 3mb that are being rejected or non delivered to the mailbox transport server. It is now a permanent issue and we have identified that the firewall is the cause of the issue but I am unsure how to f...

ccarter by L1 Bithead
  • 9415 Views
  • 2 replies
  • 0 Likes

Minemeld Indicators Number not equal Firewall DAG Members List

Hi everyone, I tried to reference all the Windows RODC (Read-Only Domain Controllers) using a custom script. The script is working fine : it queries our Active Directory, and returns a JSON list of RODC. Each indicator listed by the script looks like this : { "indicator": "ip.add.re.ss", "value": { "comment": "This is a comment", "confid...

GREMAUDO_0-1594979428303.png
GREMAUDO_1-1594979557569.png
GREMAUDO_2-1594979751746.png
GREMAUDO_3-1594979868103.png
GREMAUDO by L1 Bithead
  • 2843 Views
  • 1 replies
  • 0 Likes

Minemeld taking up a lot of disk space opt/minemeld/local/trace/*

/opt ( 5 Gb ) is running at 80% full, most of which is consumed by /opt/minemeld/local/trace/*. Can some housekeeping be done or do we need to expand the storage, is it just an area that going to grow and grow ? Is there a Housekeeping job that can be ran to clear out the Trace folder. any suggestions ?

False positive alerts

A very high quantity of botnet false alerts being reported on our appliance. Using 9.1.3. Botnet report alerts as noted below: Repeatedly visited (10) the same URL 216.58.199.36/Repeatedly visited (30) the same URL 142.250.66.164/Repeatedly visited (69) the same URL 142.250.67.4 Visited malware URL tdsjsext1.life/ExtService.svc/getextparams .216...

Wildfire submittion issue

we have seen in wildfire the same file (i have verified the file hash available in wildfire cloud) is submitting multiple tiles even after the verdict is malicious from old wildfire submission.ie, wildfire dynamic update is configured for every minute and it is having the latest wildfire content, still, the same file is again submitting to wild...

Joshan_Lakhani_0-1598385227480.png

Panorama: PDF export full of HTML code

Update 2: This is almost completely fixed in 8.1.16, with only one column showing [object Object] instead of a value. See this post for details. Update 1: This is still not fixed in 8.1.12, although the issue is slightly different. See this post for details. Panorama 8.1.10 (running in VMWare ESXi 6.5 if that makes a difference) All PDF and ...

PDF-export-NAT-Policies.png
fjwcash by L4 Transporter
  • 16411 Views
  • 15 replies
  • 0 Likes

Resolved! HA setup and standy firewall has more config then active firewall

Hi Guys, I have Firewall setup where standby firewall has more config then active firewall. Right now config is out of sync and HA1 back up link is up. HA1 and HA2 links are down.What I want is the config of standby firewall on the active as well . if I click on 'Sync with Peer' , which config will be synced ? @BPry can you please help on this? ...

shafi021 by L2 Linker
  • 3541 Views
  • 3 replies
  • 0 Likes

IP is getting Registered with TAG Name,but I don't find the IP in DAG

Hi, I am testing some scenario and I see the ip is getting registered with TAG but i don't see it in DAG. palo-alto-panos-9.0&gt; show object registered-ip tag testregistered IP Tags---------------------------------------- -----------------9.9.9.3 #"test (never expire)"9.9.9.13 #"test (never expire)"9.9.9.14 #"test (never expire)"4.4.4.4 #"tes...

DAG.PNG
tag.PNG

Can we remove URL indicators with specific keyword ?

Hello, I am trying to push Cofense indicators to different devices, but want to exclude some URLs as those are not accepted by the devices.I want to ignore URLs with sign "√" and "@" in domain. http://google.com@ashousingcompany.com/www/?http://google.com@drpinfra.com/www/?https://send01.secureserver.cyou/√ExpressD.√----/https://send01.secureser...

Global protect and HA3 with session owner as primary device.

I have an active/active global protect configuration with the session owner set as primary-device.1 portal2 gateways I can connect to either PA with the client but traffic will not route outside of the secondary PA. I can ping every interface on the secondary from a connected client. I get a bunch of hits for ha_aa_pktfwd_err_decap on the primar...

reCaptcha and Restricted Internet Users

Due to the recent COVID crisis, our users are asked to login to a website prior to coming into work to "validate" that they do not have COVID symptoms or been in contact with anyone who has COVID. There are some users who are unable to do this prior to coming in and we need to allow them to access the website from their VDI/PCs when they come in...

Resolved! GlobalProtect : MAC adresses and Armis integration

Our ISO organisation has bought many passive listening Armis IOT devices in our computer centers to better identify IOT devices connected to our network. Armis uses the MAC addresses of detected devices as the unique key to allow to create rules, alerts and policies. With our switch to GP as our VPN solution we are looking into options on how we...

Resolved! Support Portal appears to be down connecting from Hawaii 8-25-2020

Is anyone else experiencing no connectivity to the support portal? I have tried from my work and home spectrum internet connections and am unable to bring up the support.paloaltonetworks.com portal. The site times out, other sites appear to be working here just the support portal. Looks like this is affecting the ability load software on the ...

dkhilo by L0 Member
  • 2620 Views
  • 1 replies
  • 0 Likes

Resolved! HELP - VPN IPSEC - SUBNET OVERLAPPING

I require a helpI have to perform a nat in the tunnel, because my network conflicts with that of my other site:Site 1192.168.50.0/24site 2192.168.50.0/24Serial connection from site 2 to site 1 to a specific server192.168.50.0/24 -------- 192.168.50.253 (Server)I need to do NAT with network 172.50.1.253 at site 1, 192.168.50.253 NAT 172.16.50.253...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks