This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Resolved! Unsupported Cloud Type For Remediation

Given the Prisma Cloud SaaS, I am trying to create my 1st custom policy to detect and remediate overly permissive SecurityGroupIngress rules in AWS cloud.My RQL below is valid and returns a half-dozen or so results...event where cloud.type = 'aws' AND cloud.account.group = 'Test' AND operation IN ('AuthorizeSecurityGroupIngress') AND json.rule =...

TommyHunt by L3 Networker
  • 3777 Views
  • 1 replies
  • 0 Likes

Resolved! SLR Report - Get stats-dumb

Hello @all,I would like to get a stats-dumb file which will be later used to generate an SLR report.Since the timeframe (1 Week) via the PA GUI is not long enough for us, I use CLI with the following command to generate the file: tftp export stats-dump start-time equal 2018/12/01@10:00:00 end-time equal 2018/12/31@10:00:00 to 10.164.15.27 !info:...

PAN1.PNG
PAN2.PNG
husetech by L2 Linker
  • 10198 Views
  • 4 replies
  • 0 Likes

High CPU Usage causing dropped packets..can't find what is causing it

ACC isn't really telling me all that much except for a couple of end hosts with a fair amount of sessions so I blocked those but still doesn't seem to have helped whatsoever. I tried restarting the data plane as well to no avail. Can someone help me figure out what is going on here? Resource monitoring sampling data (per second): CPU load s...

drewdown by L4 Transporter
  • 5791 Views
  • 4 replies
  • 0 Likes

GlobalProtect dns dynamic updates

We deny DNS outbound except for domain controllers. I noticed a lot of denied DNS entries on the firewalls for users coming through globalprotect. Looking at the packet captures, the traffic is destined to the domain name's public name server ip address. The payload are "dynamic updates SOA <domain name>" This is a DNS split-brain envi...

MikeC by L3 Networker
  • 7904 Views
  • 7 replies
  • 0 Likes

Email Scheduler Not Working Consistantly

Hey Everyone, I am running into an issue where custom reports that I have built that are sent on a daily basis aren't being sent consistently. I have 3 different Email Server profiles being used in four different Email Schedulers sending two different custom reports due to the limitations of allowed addresses in Email Server profiles and only be...

Palo Also email.jpg
Palo Also email 2.jpg

Superuser cannot access Edge FW

Our PAs were recently setup by a now former contractor and all templates appear to be the same. However, while our new contractor is able to access all of the internal FWs, he is not able to access our edge FW. Any ideas?

DAG and Panorama

When looking at Dynamic Address Groups along with Panorama, it almost looks like this can't be done unless you are using NSX. I setup the VM Source on one of my firewalls and I can do a DAG, but it doesn't transfer back to Panorama inorder to use it in a policy. If you are managing Policies and Address groups from Panorama this becomes almost ...

gzygadlo by L1 Bithead
  • 3222 Views
  • 1 replies
  • 0 Likes

Global protect app require admin credential to upgrade in transparent mode?

Global protect app require admin credential to upgrade in transparent mode?We want to upgrade agents from 4.0.2 to 5.0.8 in transparent mode. Can we upgrade from 4.0.2 to 5.0.8 directly ?Also user machine ask for admin credential when we install any kind of software. So we want to confirm before enabling transparent mode for agent upgrade.

Deepak_K by L3 Networker
  • 7061 Views
  • 3 replies
  • 0 Likes

Block Brute Force RDP attempts

I have a Palo Alto 820 up and running, and one of its roles is to publish an terminal server (on its default port3389, the Terminal Server have an 2 factor authentication mechanism.) I see lots of connections, and i would like to block this brute force attempts, so I configured a Vulnerability Protection Profile which blocks threats with host ty...

Sjoerd by L2 Linker
  • 14132 Views
  • 7 replies
  • 0 Likes

Zone Protection - Reconnaissance

Hi, Are there any best practice settings for the reconnaissance portion of the zone protection profile. I see the default has the below. Is it recommended to leave as defaults or does someone have a better recommendation? TCP Port scan 100 events within 2 secondsUDP Port scan 100 events within 2 secondsHost Sweep 100 events within 10 seconds

MikeC by L3 Networker
  • 4405 Views
  • 3 replies
  • 0 Likes

Resolved! GlobalProtect Gateway is not licensed

Hi, I'm working on home lab and tried to configure clienetless global protect eveything went well expect when i authentate the user i got this message " GlobalProtect Gateway is not licensed. Contact system administrator. ", however during my reading on palo alto materials it says it don't require a license " https://docs.paloaltonetworks.com/g...

aymenata by L0 Member
  • 7849 Views
  • 3 replies
  • 0 Likes

GP Split Tunnel with Microsoft O365/Microsoft Teams & GP License

Hello All, It appears that the large list of IPs and domains to completely enable split-tunneling with GP for O365 & Microsoft Teams requires the GP license to facilitate defining domain names in addition to IP networks (which I understand works without a license). Are you able to split tunnel O365 and/or Microsoft teams without a license? ...

jhwarren by L1 Bithead
  • 3729 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks