This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

DNS resolution is not happening after connected the Global protect

Hi Team 1. After connected the global protect DNS resolution is not happening. but i can able to do ping 8.8.8.8. 2. In nslookup google.com also resolved. But if I ping the same google.com dns is not resolving. 3. If I browse any website, that is not working due to dns resolution issue. My dns IP is 8.8.8.8. Is anyone experienced like this type...

Resolved! Configure Captive Portal--URL Filtering

Running a PA-820 Software Version8.1.10 I run a bandwidth usage report that shows ip addresses using bandwidth, but no domain username. How can I get the non-Domain devices such as byod to authenticate to the network before gaining network access? My goal is to be able to run a report and see which devices and which credentials are using bandw...

Block file-sharing in ms-rdp

Hi Palo Alto community, Hope all of you are doing well.May I ask for assistance in blocking file-sharing in ms-rdp? here is the scenario:1. User is connected to the globalprotect VPN2. Vpn user uses ms-rdp to remote Virtual PC behind the firewall3. We are trying to block file sharing over this application(ms-rdp)we have checked this knowledgebas...

Resolved! Admin account Reason: Password expired. User Locked out

PA Firewall local Administrator account is locked out.ReadOnly Account from which we are able to log in as of now. The device is standalone & the following service is not available like AD credentials / RADIUS or TACACS. Only local devices. its any way to do without maintains Mode for reset or recover the password?

Bug: 8.1.7/8.1.8 PA-5200 AUX Ports

Just FYI,There is currently a bug within 8.1.7 and 8.1.8 that renders the AUX ports inoperable on the PA-5200 series, which depending on your configuration can cause issues. The Bug ID is PAN-105737 and it's been fixed in 9.*, but you might want to hold off upgrading until its been fixed or update your configuration to remove dependency on AUX i...

BPry by Cyber Elite
  • 11050 Views
  • 10 replies
  • 2 Likes

Resolved! Trying to trackdown O365-api-any-any.txt file for MineMeld

Hi All,I am in the process of deploying MineMeld for O365 endpoints and I am completely stuck. Following this article:https://live.paloaltonetworks.com/t5/minemeld-articles/enable-access-to-office-365-with-minemeld-updated/ta-p/224148 I it mentions To save you the hassle we've created a set of configurations you can import. Unzip the attached f...

ccarter by L1 Bithead
  • 5683 Views
  • 3 replies
  • 0 Likes

Resolved! Disney+ domain being sinkholed as DNS tunneling domain

This morning I starting noticing that my threat logs are filling up withsinkhole actions for the followingSuspicious DNS Query (search-api-disney.svcs.dssott.co)Suspicious DNS Query (dssott.com) Threat TypespywareThreat NameDNS Tunneling DomainID109001001 (View in Threat Vault)Categorydns-securityContent VersionAppThreat-0-0SeverityhighRepeat C...

Resolved! Manage Traffic within two vsys

Hi, How to route traffic between two vsys on same firewall? Currently when I am trying to put policy, I am not able to see required destination under security policy which belongs to other vsys on same firewall. Does it require some specific configuration?

Vikashh by L2 Linker
  • 4511 Views
  • 2 replies
  • 0 Likes

Custom report for phishing prevention

Is there a way to generate a custom report of users/sites that have entered credentials? I checked under the URL database but don't see a Credential Detected column there that I could pull in. Anyone have a method of generating a report from the phishing prevention feature?

Internet service down

Dear All,I was facing disconnection issue with our internet firewall, cannot ping to LAN interface, all services related to the LAN interface was down like internet connection, MPLS and DMZ Zone, once I reboot the firewall everything back normally and the Lan interface working fine, we need to investigate to avoid the issue in future. I have che...

Multi vsys license requirement

Hi, I am using PA3200 firewalls and require multi vsys capability.I need 4 vsys, so shall I need to purchase a license for 3 vsys only?ORA multivsys license can activate all supported vsys ? Thanks.

shapath by L0 Member
  • 6261 Views
  • 3 replies
  • 0 Likes

TCP-RST-FROM -CLIENT /SERVER for a category license-expired

Hello Community. I have been observing the logs coming from one server that is behind the PA-FW and while going around the VM, trying to connect to the Azure admin portal, I have observed that it has a slow connection for a 600-700Mbps. While trying to track the logs from the firewall it shows that traffic is having TCP-RST-FROM-CLIENT or TCP-RS...

azure.PNG

Resolved! I cannot use an EDL in URL Filtering or SSL No Decrypt Policy

Thanks for any help you can offerPanorama 9.1 instructions show this image about using edl's as part of a url filtering or ssl decryption policyHowever even though I have several EDLs configured and working I am not given that option. See images belowHow can i enable this functionality.Here is a screenshot of my edlsAnd here is were I am missing...

edl listed.jpg
edl list.jpg
No List.jpg
LeeRRoss by L0 Member
  • 3176 Views
  • 1 replies
  • 0 Likes

Unable to get proper report

Dear Team, We are not getting proper report for Last calendar month using query builder i.e (zone.src eq VPN) and destination is any and report has generated from 17 April to 23rd April.When use query builder i.e (zone.src eq VPN) and (zone.dst eq LAN) it is showing whole month report i.e starting from 1st April to 30th April. RegardsKarthikey...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks