General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 195 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 878 Views
  • 0 replies
  • 0 Likes

Resolved! financial-services is exempt from decryption still decrypt error

PA running 8.1.9  we have rule from any source any zone do not decrypt financial-services category.

CLI  test 

 

test decryption-policy-match source 10.x.x.x  destination 23.249.200.33 category financial-services

Matched rule: 'No_Decrypt' action: no-dec

...

MP18 by Cyber Elite
  • 4800 Views
  • 7 replies
  • 0 Likes

Identify syslog type for User-ID parse

I'm in the process of implementing User-ID and want to parse syslog logs. the predefined parse profile don't appear to be a match, as I'm looking to pull syslog from my domain controller. However, my Active Directory team can't provide me with a samp

...

firewall rule using cli

Hi All ,

 

I ma having firewall managed using Panorama. 

 

I am trying to verify security rule on firewall itself using below :

 

config  

show rulebase security rules <rulename>  , however its not showing any output .

 

Could you please confirm if this is co

...

deepak12 by L3 Networker
  • 2849 Views
  • 2 replies
  • 0 Likes

Traps is blocking chain

Hi,

 

We have a legitime application which is running a script. This script and the chain is detected by traps as threat. So we would like to configure an exception for this  

 

cmd.exe --> cscript //E:JScript //nologo "C:\ProgramData\signature\sign.bat"

...

BigPalo by L4 Transporter
  • 2394 Views
  • 2 replies
  • 0 Likes

CSR Certificate Issue

Hello Team,

 

Three year before ,One of my customer is generated the certificate from linux machine and sent it to comodo for third party sign.

Now they got new palo alto firewall and he is trying to install that certificate on palo alto but while insta

...

Interrogate External Server for UserID

Hi,

We have a use case where, upon detection of a session with an unknown userID, we'd like the Palo firewall to interrogate an external service via REST API for the UserID/IP address mapping.  

I appreciate the normal way is to prepopulate the Palo or

...

Resolved! How to enable all disabled application in fast way

Hello Team,

 

Please let me know how we can enable all disabled application in faster way.During dynamic updates of Application and Threats customer clicked on  'Disable new apps in content update,' so there are total 700 application disabled and i fou

...

dmodi by L2 Linker
  • 5593 Views
  • 2 replies
  • 0 Likes

Resolved! GloablProtect

Hello Community,

 

I am new to palo alto. we have deployed some firewalls in our company. I am trying to configure globlalprotect on the branch offices to add more gateways. I have an extra internet connection at one location and wanted to know if its

...

Globalprotect.PNG

Blocking Google Images

Howdy everyone,

 

We have a strict internet usage vlan where users can only hit an Approved List of URLs that we manage through Panorama.  The issue is that some of these fights reference Google as part of the CDNs so we've had to allow them in to the

...

Email Alert Subject Line.

Hi team,

 

Is it possible to customise the Email alert subject line ..??  

For Example : 

Default - Sub: "The VPN XYZ tunnel is down"

Customised - Sub: "The VPN XYZ tunnel is down, Need immediate attention".

Resolved! Palo Alto keep client IP

Hi,

 

Is possible to keep in Palo Alto the client IP although PA is doing a source NAT to reach internet?. A service in the cloud needs to know the client IP. Something like XFF. 

BigPalo by L4 Transporter
  • 2537 Views
  • 1 replies
  • 0 Likes

Resolved! Traffic log shows decrypted for blocked traffic

 

We have not enabled ssl decryption for specific subnets.

When I see the traffic logs I see ssl decrypted is checked and traffic is denied.

 

I verify that I see decrypted flag for all traffic that is blocked in url category.

 

Need to know reason for thi

...

MP18 by Cyber Elite
  • 2965 Views
  • 3 replies
  • 0 Likes
  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels