General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Join the Fuel User Spark Event on March 19: Dealing with Threats !

 

Join us at the Fuel User Group Spark Event on March 19!

 

Get ready to ignite your cybersecurity knowledge and connect with industry experts at our upcoming Spark event hosted by the Fuel User Group. Whether you're a seasoned professional or just

...

kiwi_0-1709893724672.jpeg
kiwi by Community Team Member
  • 281 Views
  • 1 replies
  • 2 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3163 Views
  • 2 replies
  • 14 Likes

Suspicious DNS Domain addition

Hello, is there a way to report suspicious DNS domains to Palo Alto for inclusion on the Palo Alto suspicious DNS query list?  we have a domain which various threat intelligence sources report as suspect/risky but it does not appear in the Palo Alto

...

new CA Sectigo(formerly Comodo) not trusted

Hello. 

We are having a minor issues on one of our customer firewalls performing decryption. 

it seems certain sites. that have a certificate issued by sectigo. 
chain

root: Sectigo

intermediate: Sectigo RSA Domain Validation Secure Server CA

site certific

...

SSL Certificate for Global Connect

Hi All,

 

I have a users who plan to connect their phones (To use a soft phone app for the PABX) and laptops to the internal network from outside, i have setup the global connect gateway and portal and tried to use self signed cert but it is not workin

...

Resolved! CLI URL filter, change Site Access?

I am trying to determine how to change the Site Access of the new URL categories (cryptocurrency and grayware).  By default, they are Allow, and I want them to be Alert.  I can do this via CLI w/ the command from config mode below. 

set shared profile

...

BoDollis by L2 Linker
  • 2669 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrade to PANOS 7.1

I'm looking at getting a Palo Alto used.  A lot of the units are pan os 4, 5 or 6.  For a PA-500, for example, can I get a 5.x OS and upgrade it to 7.1?  Does this require a support contract to upgrade it?

RustyPA by L1 Bithead
  • 8673 Views
  • 7 replies
  • 0 Likes

Resolved! Scheduled Policy not terminating existing session

Hello everybody,

 

I have a PA-220 and setup a rule that my children cannot access the internet after 8pm. This is working but only for new sessions. Existing sessions like TeamSpeak or BattleNet started before 8pm are still open. Can I somehow kill al

...

Resolved! The sporadic syslog sender

I recently adding a new syslog destination at this new to me site and noticed something I hadn't seen before. That is that the sending of syslog data according to PAN Monitoring is send sporadically and in big bursts. For example when I added the new

...

palomed by L3 Networker
  • 3836 Views
  • 4 replies
  • 0 Likes

Dynamic updates constantly failed

Hi there

 

Is there any known issue with Dynamic Updates? Our firewall can't get updates in the last 4 hours. The last update we got was around 4pm (GMT+10). The traffic log is showing incomplete. 'show url-cloud status' shows Cloud connection: not con

...

myocella by L0 Member
  • 3021 Views
  • 4 replies
  • 0 Likes

Resolved! financial-services is exempt from decryption still decrypt error

PA running 8.1.9  we have rule from any source any zone do not decrypt financial-services category.

CLI  test 

 

test decryption-policy-match source 10.x.x.x  destination 23.249.200.33 category financial-services

Matched rule: 'No_Decrypt' action: no-dec

...

MP18 by Cyber Elite
  • 3886 Views
  • 7 replies
  • 0 Likes

Identify syslog type for User-ID parse

I'm in the process of implementing User-ID and want to parse syslog logs. the predefined parse profile don't appear to be a match, as I'm looking to pull syslog from my domain controller. However, my Active Directory team can't provide me with a samp

...

firewall rule using cli

Hi All ,

 

I ma having firewall managed using Panorama. 

 

I am trying to verify security rule on firewall itself using below :

 

config  

show rulebase security rules <rulename>  , however its not showing any output .

 

Could you please confirm if this is co

...

deepak12 by L3 Networker
  • 2160 Views
  • 2 replies
  • 0 Likes

Traps is blocking chain

Hi,

 

We have a legitime application which is running a script. This script and the chain is detected by traps as threat. So we would like to configure an exception for this  

 

cmd.exe --> cscript //E:JScript //nologo "C:\ProgramData\signature\sign.bat"

...

BigPalo by L4 Transporter
  • 2019 Views
  • 2 replies
  • 0 Likes
  • 24090 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors
Labels