General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 468 Views
  • 0 replies
  • 0 Likes

Resolved! Can you Exclude an address from your traffic search?

the following search string 
( app eq dns ) and ( port.dst eq 53 ) and ( addr.dst in 8.8.8.8 )

searches and displays all dns traffic using port 53 that has the destination ip of 8.8.8.8

I would like to know if I can look at all dns traffic traveling on

...

Expedition migration tool steps

Hello all,

 

I am planning to migrate our two checkpoint HA clusters (Active-Standby) with Palo Alto with the help of Migration tool. I never used migration tool ever. Can someone brief me steps to be followed for successful migration?

johnde by L2 Linker
  • 3379 Views
  • 1 replies
  • 0 Likes

Resolved! Configure WebGUI certificate from CLI (PanOS 9.0)

Dear all,

lost access to the WebGUI.

opaque: websrvr: Exited 4 times, waiting 1770 seconds to retry

 

Before that I received another email from the firewall:

opaque: Shared certificate xxx and corresponding key have expired.

(OK, I know, my fault)

 

So I sus

...

high MP CPU load due to appweb3 process

PA-5020, sitting on 8.0.4.

From time to time MP load increases rapadily due to appweb3 process going above 300%. Looking like this:

 

There is no direct correlation found between the spikes and actions taken within the GUI. Spike may go on for a while -

...

cpu-load.png
nikoo by L3 Networker
  • 8681 Views
  • 4 replies
  • 0 Likes

QOS Bandwidth Limitation Download & UPLOAD

I would like to understand bandwidth limitation steps on Internet download and upload

 

Example - lets say i want to restrict steaming url category on download and upload

 

1. create QOS policy to map traffic going to inside to Internet  youtube as Class

...

kan0062 by L1 Bithead
  • 7000 Views
  • 1 replies
  • 0 Likes

Resolved! After Forward Trust certificate is renewed

After Forward Trust certificate is renewed is there a way to validate the renewed certificate is working correctly from either GUI or CLI?
Device > Certificate Management > Certificates > Forward UNTrust Certificate

GP prompts for internal gw connectivity

Hi all,

 

I've deployed a GlobalProtect installation solely for the purpose of User-ID. The GP agent connects to the internal portal/GW (one box) upon login with Kerberos SSO. However, when the internal gateway is not reachable (user has no network, us

...

GP GW Prompt.png
Arne-VDH by L3 Networker
  • 8350 Views
  • 12 replies
  • 0 Likes

Resolved! API - Manage Users for VPN access

Hello Community,

 

i'm currently planing a project which should be able to control the VPN user access via the API.

It should be a simple tool where you just need to click a single button. The tool then activates or deactivates the user for that VPN via

...

JustAGuy by L1 Bithead
  • 3948 Views
  • 3 replies
  • 0 Likes

Resolved! TCPDUMP execution

 Hello,

 

I have to do a TCPDUMP to test the communication of my Active Directory because a have a problem with the User-ID service. 

 

I have read the documentation and I don't understand when says that the TCPDUMP captures the traffic that traverses th

...

iscott by L2 Linker
  • 2788 Views
  • 1 replies
  • 0 Likes

Resolved! Static Route Path Monitoring Clarification

Hi,

 

Let's say a scenario where I have a default route configured to go out interface 2 with a Metric of 10

 

Then I have another static route to go out interface 3 with metric of 5. On this route I setup path monitoring to ping an ip address that is ac

...

Resolved! NCAA 2020 App-ID

Is there any timeframe for when the new NCAA app-id's released for March Madness?  I found the 2017 app-is signatures, and a link for the 2018 signatures but was not able to access the files.

  • 24087 Posts
  • 116 Subscriptions
Labels