This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4230 Views
  • 0 replies
  • 0 Likes

Resolved! How to block malware getting executed?.

I would like to block malware files. On my gateway firewall, what filetypes should I block? . If I block only exe/DLL files getting dowloaded, will it help to avoid final malware getting executed ? What I would like to understand is, even if I allow communication with Command and Control (C2) servers, if I block executable/dll files, will it re...

Raja3000 by L0 Member
  • 6116 Views
  • 5 replies
  • 0 Likes

what do we exactly mean by threat prevention throughput of firewall ?

Hi Experts,I am always in doubt when someone asks how much PA 220 can support as far as throughput is concerned.In datasheet there are 2 throughput , firewall throughput ( 560 Mbps) and threat prevention throughput ( 260mbps).Customer has line of 2 active links 80mbps each ( 80*2 =160 ). Someone please explain what is exactly threat prevention ...

Palo Alto Support Going down hill

Is it just me or is Palo Alto Phone support going down hill. It use to be when you called within 15 min you had a tech but over the last 2 years its getting worst to get a human on the phone and opening a ticket online is no better. I opened a ticket as a Sev 2 and got a is this issue resolved request from the tech with 0 Troubleshooting from th...

Resolved! Routing by country/region.

Ok, Palo Gurus - I'm fairly new to the platform, but learning as quickly as I can. As best I can tell, although Palo maintains lists of IP ranges associated with countries - "Regions" (Great!), these can only be referenced in security policies (Stupid.) I tried referencing Regions both in the Static routing section of the Virtual Router (nope) ...

Decryption changes v9.0.4

We upgraded the firewall to v9.0.4 from 8.1.11h2 this weekend and came in to our hosted exchange / outlook profiles failing to load. I added the mail host server in the do not decrypt policy and a percentage of the users reported services normal. It was not until I disabled decryption completely until the entire network started working consisten...

Millette by L1 Bithead
  • 3249 Views
  • 1 replies
  • 1 Likes

Zone mapping in SDWAN

I find this document below hard to follow or understand. Can someone explain it to me in simpler terms? For example, suppose I have the following zones already: Trust, Untrust, VPN. What would this map to in SDWAN? What is zone-internal? Is that Trust? Where exactly is that used by SDWAN? https://docs.paloaltonetworks.com/sd-wan/1-0/sd-wan-admin...

BBartik by L2 Linker
  • 4474 Views
  • 2 replies
  • 0 Likes

Resolved! Configure Global Protect with username and password

Hi, I'm installing Global Protect on multiple windows devices that they are sharing the same username and password to authenticate with Global Protect.I'm trying to configure Global Protect client to add username and password to authenticate during the silent installation. Which means to add the username and password with command after or during...

xsuper23 by L0 Member
  • 9567 Views
  • 1 replies
  • 0 Likes

Wildfire statistics

Hi, I have a question related to Wildfire: We need wildfire statistics during the year 2019, inspected files, files with malware, files with grayware and files with pishing. Is there any way to collect this info? from PA or wildfire web? I can not find it 😞

BigPalo by L4 Transporter
  • 2424 Views
  • 1 replies
  • 0 Likes

Data Lake status SNMP monitoring

Hi everybody, we are quite often have a problem with logging to Data Lake. Mostly Data Lake certificate expires and is not being renew automatically, so logs are not being forwarded to Data Lake and XDR doesn't have info. Is there a way, how to monitor certificate status, or dropped logs counters using snmp? (it is drop counter in command debug...

IKE gateway is not allowed

Hi all, I've just installed a PA 3220 and there're dynamics VPNs tunnel. IKEs are up. However, phase 2 (tunnel) aren't coming up. Looking at the logs I see the following logs for all VPNs ."initiate negotiation to dynamic peer from IKE gateway is not allowed" My outside interface is allowing IKE and IPSec, I don't see packets being dropped.

WRibeiro by L1 Bithead
  • 7701 Views
  • 5 replies
  • 0 Likes

Policy Based Forwarding PBF based on destination country or self defined region?

Can this be accomplished without something like a Performance Routing service or hybrid WAN systems a couple companies offer? Is it a roadmap feature of PAN-OS PBF? PBF seems to be one of few things that do NOT support Regions.I'd like to PBF my connections to Country A through a different path than directly out my Country B firewall to achieve ...

bspilde by L4 Transporter
  • 6969 Views
  • 4 replies
  • 0 Likes

Monitor > Logs > Traffic - App-ID 'ping' not logging from endpoints.

Good day everyone and thank you in advance. Just to be sure I'm not losing my mind entirely - I thought I'd post up here and see if any veterans have any ideas. I was troubleshooting something earlier today with a re-IP on some printers traversing the PA's up to our Data Center behind ASA's. All was well with traversal, and the ASA's were gat...

MineMeld engine showing failed to start?

Hey guys, just attempted to setup minemeld . when we login to minemeld, i noticed that it is showing that minemeld engine has failed to started. attempted to restart engine but it does not seems to have any difference in results. we did harden the server according to CIS ubuntu standard so i'm not sure if that could be causing any issue. attac...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks