This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

Is it compulsory to use costume application in rule

We have used application over ride for specific app and name is "server_443" and its working fine, we are able to see that application is showing in traffic logs. In access rule i have allowed any application from trust to untrust zone. My query is that is it compulsory to use costume application in security rule?

Software updates on support portal is blank

Is anyone else having issues with software updates page being blank on support portal? I see dynamic updates are displayed but not software updates. I have tried Firefox, safari & chrome with no luck.

zarinaSF_0-1595970634576.png
zarinaSF by L0 Member
  • 2888 Views
  • 2 replies
  • 0 Likes

Universities experiences with SSL Decryption?

Greetings all, I'm looking for other admins' experiences with utilizing the SSL Forward Proxy decryption options in a university environment. General overall experiences would be good but, specifically, I'm wondering about: Did you go SSL Decrypt everywhere or only on certain networks (i.e. academic networks but no residence networks for on-cam...

jsalmans by L4 Transporter
  • 8951 Views
  • 11 replies
  • 0 Likes

can we push dns security enabled anti-spyware profile to panos 8.1

We are managing 4 location firewalls from Panorama. Panorama and one of the location is on 9.0.9-h1. Rest of the location firewalls are on 8.1.5.We have activated DNS security licence on that upgraded firewall which is running on panos 9.0.9-h1.We are using shared anti-spyware profile for all firewalls. If we enable DNS security setting in same...

Deepak_K by L3 Networker
  • 2384 Views
  • 1 replies
  • 0 Likes

Behaviour of NAT and Security Rules along with intrazone -default rule.

Hi Gang,Still getting grips to everything so would love your help in understanding the behaviour of traffic when it is NATed and allowed. The Scenario: Zones: outside and insideA DNAT rule from outside-to-outside that NATs 1.1.1.1:22 which translates to 192.168.1.1:22A security policy that from outside-to-inside traffic for 1.1.1.1:22Result:Any...

Blocking Pacman on Google Doodle

We have been trying to block the following website to stop students at our school playing Pacman https://www.google.co.uk/search?hl=en&site=webhp&source=hp&q=pacman&oq=pac&gs_l=hp.1.0.0l3j0i131k1j0l6.965.1399.0.3543.3.3.0.0.0.0.32.89.3.3.0....0...1.1.64.hp..0.3.87.NoYdh0ojI_E#clb=clb&spf=1495713448440Obvioulsy we want th...

Active/Passive Firewalls w/Different ISP Default Routes

I have two PA 5220s running active/passive and HA but connecting to dual ISPs. In a failover situation the passive firewall would assume the active firewalls default route but physically has a connection to the backup ISPs gateway not the active ISPs. How do I configure this active/passive config to allow the passive firewall to route to the bac...

Resolved! Newbie in need of help: Forwarding traffic logs to a syslog server

Hi community, I need to forward all traffic and threat logs to a log collector. I understand most of the process except the security policy part. Once I create a syslog server profile and then a log forwarding profile, I then need to use that log forwarding profile in my security policy. Our firewalls have many rules and my only instructions hav...

damom10 by L1 Bithead
  • 3732 Views
  • 2 replies
  • 0 Likes

Active sessions across inactive vwire

Just curious about what I'm seeing. I have two interfaces that are in a vwire. The switch interfaces which go to the the FW were shut down last week yet looking on the firewall, I see that there are still active sessions which show these two interfaces as the ingress and egress points. These sessions would have been established before the inter...

epeeler by L2 Linker
  • 2350 Views
  • 1 replies
  • 0 Likes

Resolved! Incorrect Rule Assignment UrlCategory Any

External ipaddress 23.35.182.93 is getting incorrectly mapped to a rule "Permit Intranet Sites". The rule uses a Urlcategory for Intranet sites and the destination has trust/untrust zones with a negate on one specific destination address. What might cause the firewall to misapply rules if the dns to ipaddress mappings are effectively static? I a...

Getting intermittent unknown UDP traffic logs

Hi All , I am having policy having application group and set services as application default . Sometime policy is working fine but sometime its dropping packet and in logs showing application unknown UDP. Could you please suggest any troubleshooting steps here ? I did packet capture but not seeing any this specific which can indicate any issue...

deepak12 by L3 Networker
  • 5747 Views
  • 4 replies
  • 0 Likes

Resolved! Fresh install on Ubuntu via apt won't login (ERROR CHECKING CREDENTIALS)

I've just followed the instructions (https://live.paloaltonetworks.com/t5/minemeld-articles/manually-install-minemeld-on-ubuntu-16-04/ta-p/253336) for setting up a fresh install of MineMeld on Ubuntu 16.04 LTS (on Azure, in this case). Followed every single step, including the reboot at the end. All of the services show as being in a RUNNING s...

RuscalR by L0 Member
  • 3588 Views
  • 1 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks