This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Minemeld - Configure aging in MISP integration

Hello,I set up and configured MISP node in Minemeld.From MISP instance Minemeld is able to pull indicators without error.Analyzing the log of these indicators I noticed that the parameters first_seen and lasts_seen belong to the feeds list instead that to the indicators itselfThis is an issue in order to manage the aging of indicator.Is it a kno...

FW_SIM by L1 Bithead
  • 3854 Views
  • 3 replies
  • 0 Likes

Windows Notification SECURITY_PRODUCT_STATE_ON

After updating traps to the latest version on a Windows 10 Pro machine, protection notifications from viruses and threats keep popping up.Evend log 16 SecurityCenterFailed to update Cortex XDR ™ Advanced Endpoint Protection status to SECURITY_PRODUCT_STATE_ON. Does someone know how to solve this problem? It is maddening.

Panorama push commit fails on logging profile that is not used on FW

On Panorama, we have several logging profiles setup at shared/parent DG level. Two of the logging profiles reference server profiles that are defined in on some Device Templates (FW-A)...and not on others (FW-B). When we push configs down to FW-B, the commit fails. A) FW-B doesn't have the server profile defined in the Device Template (obviou...

rolinger by L2 Linker
  • 2818 Views
  • 1 replies
  • 0 Likes

Admin password is expiring

We have configured password profile and getting notification for that at the time of login. My query is that can i modify after admin password expired or can i get pup-op for assign new password after grace period over.

password expire.PNG

Domain Credential Phishing - LDAP fails to bind

Hi all, I have been setting up the domain credential phishing with a colleague and we have run into an issue where the service account is unable to bind to the LDAP on the RODC. We have followed the troubleshooting guidelines in the following document but unfortunately we still hit the same issue. Has anyone else experienced this issue or knows ...

Resolved! Migrating from PA-200 to 220 with HA

Hi all, I am trying to migrate one of our customers from a PA-200 to a PA-220 AND add create an HA cluster with active/passive configuration with two PA-220's I was wondering, what approach would you take in regard to achieving the above outcome? 1. Would you first configure the PA-220 in an HA configuration then migrate the configuration to the...

MihirL by L0 Member
  • 7645 Views
  • 4 replies
  • 0 Likes

Is it compulsory to use costume application in rule

We have used application over ride for specific app and name is "server_443" and its working fine, we are able to see that application is showing in traffic logs. In access rule i have allowed any application from trust to untrust zone. My query is that is it compulsory to use costume application in security rule?

Software updates on support portal is blank

Is anyone else having issues with software updates page being blank on support portal? I see dynamic updates are displayed but not software updates. I have tried Firefox, safari & chrome with no luck.

zarinaSF_0-1595970634576.png
zarinaSF by L0 Member
  • 2846 Views
  • 2 replies
  • 0 Likes

Universities experiences with SSL Decryption?

Greetings all, I'm looking for other admins' experiences with utilizing the SSL Forward Proxy decryption options in a university environment. General overall experiences would be good but, specifically, I'm wondering about: Did you go SSL Decrypt everywhere or only on certain networks (i.e. academic networks but no residence networks for on-cam...

jsalmans by L4 Transporter
  • 8802 Views
  • 11 replies
  • 0 Likes

can we push dns security enabled anti-spyware profile to panos 8.1

We are managing 4 location firewalls from Panorama. Panorama and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.We are using shared anti-spyware profile for all firewalls. If we enable DNS security setting in same...

Deepak_K by L3 Networker
  • 2366 Views
  • 1 replies
  • 0 Likes

Behaviour of NAT and Security Rules along with intrazone -default rule.

Hi Gang,Still getting grips to everything so would love your help in understanding the behaviour of traffic when it is NATed and allowed. The Scenario: Zones: outside and insideA DNAT rule from outside-to-outside that NATs 1.1.1.1:22 which translates to 192.168.1.1:22A security policy that from outside-to-inside traffic for 1.1.1.1:22Result:Any...

Blocking Pacman on Google Doodle

We have been trying to block the following website to stop students at our school playing Pacman https://www.google.co.uk/search?hl=en&site=webhp&source=hp&q=pacman&oq=pac&gs_l=hp.1.0.0l3j0i131k1j0l6.965.1399.0.3543.3.3.0.0.0.0.32.89.3.3.0....0...1.1.64.hp..0.3.87.NoYdh0ojI_E#clb=clb&spf=1495713448440Obvioulsy we want th...

Active/Passive Firewalls w/Different ISP Default Routes

I have two PA 5220s running active/passive and HA but connecting to dual ISPs. In a failover situation the passive firewall would assume the active firewalls default route but physically has a connection to the backup ISPs gateway not the active ISPs. How do I configure this active/passive config to allow the passive firewall to route to the bac...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks