General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

policy based forwarding issue on palo alto.

Folks, A policy based forwarding rule that we have created does not work. This PBF rule is created in vsys3 so we are not sure if any other configuration is needed. When we try to see the running configuration for all PBF rules this is what it shows: admin@hostname> show pbf rule all Server error : No PBF rule in vsys 1. admin@hostname> Unlike...

nson2139 by L3 Networker
  • 2493 Views
  • 1 replies
  • 0 Likes

Resolved! Vwire Active Active with ASA HA Pair

I have an HA pair of ASA and will be implementing an HA pair of PANS between the Core and ASAs. I can send a topology if necessary. Currently have a Cisco 3750 layer 3 connected to two separate Cisco 2960s via a trunk link. The 2960s are also inter-connected via a trunk link. The ASAs are connected to each 2960 via access port. The original idea...

Firewall Logs Backup

Dear Team, How to take logs from active standby firewalls? I am going to migrate the firewall from 5050 to 5220, so I will lose old firewall logs once I add new firewalls to Panorama. Kindly suggest how we can take the logs for future purpose, and suggestions. Thanks, A.Yazar Arafath

Global Protect gateway timeout

We are connected via Global Protect and are having issues where the session gets disconnected overnight. Is there a way to override this setting only for one user? Will the below settings change affect all users? We are using split tunnel. Could you please advise if any workarounds can be made, just to keep the heartbeat active at least? I am r...


Resolved! How to remove SSH weak algorithms?

An internal PCI vulnerability scan has revealed the following issues with the PAN-820 appliance: 1. SSH Weak Algorithms Supported: Tester has detected that the remote SSH server is configured to use the Arcfour stream. RFC 4253 advises against using Arcfour due to an issue with weak keys. Affects management interface 10.32.1.2:22 (tcp). Also affects...

file download slow

Hi, My speedtest shows 50 Mbps bandwidth remaining. But when downloading files I am getting very low speed. To isolate the problem, bypassed PA, then speed was OK. Traffic shaping is enabled on PA. Web browsing is OK. How to fix this problem? Thanks

simsim by L4 Transporter
  • 7105 Views
  • 5 replies
  • 0 Likes

Resolved! Jquery vulnerability on Management Interface web server

Hi team, We received this vulnerability in the report by our vendor for our PA: "According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by a cross site scripting vulnerability" and the solution for this, it's saying "Upgrade t...

shubhamG by L1 Bithead
  • 14634 Views
  • 3 replies
  • 1 Likes

Auto commit failed after upgrade to 8.1.0

We upgraded the passive firewall on our Active/Passive HA firewalls from 8.0.19 to 8.1.0. After installing the 8.1.0 image, firewall rebooted. After that, ethernet interfaces as well as HA ports didn't go UP. We also got an error that the auto-commit failed: "Error: Max. user groups used in policy 1067 exceeds capacity (1000)" Questions: 1. Ports d...

Resolved! export "application seen" to csv/pdf ?

Hi folks, following situation: one of my customers has a rule that allows any traffic from trust to untrust. The rule detects over 400 applications with more than 2 terabytes of data in the last 30 days. Is there any kind of way to export the "seen apps" to a csv or pdf list or anything else? We need such a list to sort out unwanted apps and sort the...

Resolved! Authorized phishing scenarios, issues with Pan DB Url filtering

In my company we are generating authorized phishing test scenarios to test users who compromise their assets when interacting with phishing links in their emails. For this we want to collect information and statistics on who opened the email, clicked on the link and / or entered personal information, to then generate awareness campaigns. The tool u...

Custom Response Page

Hi All, Hoping someone can help. I need a custom response page for URL Filtering. I know I need to use JavaScript but that is not my forte, so hoping someone can provide the information for me. I need to produce two distinct page responses depending on the IP address the user comes from, i.e.: If they come from address range 10.0.0.0/8 a URL response page produce...

a.jones by L3 Networker
  • 8588 Views
  • 8 replies
  • 0 Likes

Nest Thermostat

Anyone running a Nest Thermostat behind a Palo Alto Networks firewall? I am seeing an inability to connect to the nest site. Logs show a repeating SSL on 443 with session end reason: tcp-rst-from-client. Any thoughts would be appreciated. Bob

BobW by L1 Bithead
  • 9821 Views
  • 9 replies
  • 0 Likes

HIP Profile serial number filter issue

I have upgraded my firewall from 9.0.9 h1 to 9.1.4. When I generate the report for the HIP profile or use the filter based on serial number, I am facing this issue. Please suggest if there is any bug in 9.1.4. Even clicking on serial number in HIP Match logs to filter search results fails as below


Can someone explain to me like I'm 5 what App-IDs are?

So I need to update my PanOS on my PA-3020, but because I have a mission-critical network I need to avoid downtime as much as possible. In the walk-through for the PanOS upgrade, it says 'any change a content releases introduces that affects App-ID could cause downtime.' I was not fully clear on what an App-ID is, and why it might change from ...

EDL IP List GUI not display

Currently setting EDL. EDL IP information can be captured on CLI, but it cannot be confirmed in the GUI. Tried PANOS version 8.1.5 and 9.0.0. Tried some EDLs: some can, some can not be displayed. Not displayed: https://report.cs.rutgers.edu/DROP/attackers Can: http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt https://raw.githubusercontent.com/firehol/blockl...

Houran by L0 Member
  • 2248 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions