This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Log Parsing

Hi team, i am sending the firewall logs to a kibana for log analytic purpose and i ran into a minor issue i can not find a good working grok parsing for the logs that will actually work. any chances any one here done that and can help me with it ? Bets Regards,Alex.

TAP in environments with asynchronous routing

We have a situation where we can't get all the mirrored traffic to the same interface. But as it's asynchronour souting nevironment a packet can be mirrored to one interface and the reply to the other. So we need to connect 2 PA TAP interfaces to capture whole sessions. The question is will PA match the packets into same session if we put both i...

santonic by L6 Presenter
  • 4055 Views
  • 2 replies
  • 0 Likes

Reverse Proxy and X-forwarded-for

We use a load balancer to terminate SSL connections coming into our publicly accessible web servers from the Internet. The same load balancers are used as a reverse proxy. Because this produces a blind-spot for us, we have configured the load balancer to insert the real Internet IP into the XFF entry of the resulting inbound HTTP packet (we do...

Deleted rule still matching traffic

Hi team, We have experiencing something strange behaviour on one of our Palo Alto. Palo Alto is managed via Panorama, our costumer add a security rule directly to device (not using Panorama). We delete the rule on the device, so doesn't appears anymore on Palo Alto device, but traffic still match the rule... (You can saw it in Monitor, we dele...

nanukanu by L2 Linker
  • 3267 Views
  • 2 replies
  • 0 Likes

Custom Miner commit error : Unknown Node Class : minemeld.ft.azure.AzureChinaJSON in Azure-China-Min

Hello, I am trying to create a custom miner for Azure China feed. I have successfully tested it in one of the servers, but it doesn't let me commit when I create a Miner.Already applied the solution from https://live.paloaltonetworks.com/t5/MineMeld-Discussions/how-to-write-a-simple-miner-documentation/td-p/156793Below are the steps I followed:1...

Global Protect 8.1 - Building Clientless VPN but stuck on DNS-Proxy Setup

I am starting to build a clientless vpn setup, but I am getting errors when building a DNS Proxy and DNS Server Profile. I get this error msg. I tried ethernet, tunnels and loopback interfaces and they all failed. I tried following the instructions but i get the same error message. Does it matter if use the a loopback or tunnel interface? all of...

Resolved! Apple MACs and Global Protect VPN identification?

How are you identifying Apple Mac devices/making sure they are part of your organization before letting them connect through Global Protect? We have an MDM - that joins our MACs, but the User ID-MDM integration is proving to be a bit more difficult than I had plannned. Are most of you using a certificate that is exported to a machine, and or...

Sec101 by L4 Transporter
  • 4591 Views
  • 2 replies
  • 0 Likes

UDP Sessions Discarded (DUO timeouts)

Anyone experience any issues with 2FA timing out occasionally. For example, we have a weird situation where the 2FA integrated with DUO is working fine but after a week or two suddenly all users stop getting the push notification. Looking at the PAN logs, we see a discarded session and as soon as we clear that up, everything starts to work norma...

saadm204 by L0 Member
  • 2845 Views
  • 1 replies
  • 0 Likes

SSL Decryption: SHA1-Intermediate certificate gets decrypted, even if not allowed to

Hi paloalto community, I tested my new ssl decryption rules against the badssl dashboard ( https://badssl.com/dashboard/ ).So far it looks good. Unfortunately the check for sha1-intermediate doesn’t pass. Our PA-850 (Firmware 9.0.5) does create a secure connection to this site for the client ( https://sha1-intermediate.badssl.com/ ), even I conf...

2019-12-30 14_17_20-pa-1.png
2019-12-30 14_17_08-pa-1.png
2019-12-30 14_16_37-pa-1.png
mrkskhn by L1 Bithead
  • 6891 Views
  • 4 replies
  • 0 Likes

Resolved! How to block malware getting executed?.

I would like to block malware files. On my gateway firewall, what filetypes should I block? . If I block only exe/DLL files getting dowloaded, will it help to avoid final malware getting executed ? What I would like to understand is, even if I allow communication with Command and Control (C2) servers, if I block executable/dll files, will it re...

Raja3000 by L0 Member
  • 6191 Views
  • 5 replies
  • 0 Likes

what do we exactly mean by threat prevention throughput of firewall ?

Hi Experts,I am always in doubt when someone asks how much PA 220 can support as far as throughput is concerned.In datasheet there are 2 throughput , firewall throughput ( 560 Mbps) and threat prevention throughput ( 260mbps).Customer has line of 2 active links 80mbps each ( 80*2 =160 ). Someone please explain what is exactly threat prevention ...

Palo Alto Support Going down hill

Is it just me or is Palo Alto Phone support going down hill. It use to be when you called within 15 min you had a tech but over the last 2 years its getting worst to get a human on the phone and opening a ticket online is no better. I opened a ticket as a Sev 2 and got a is this issue resolved request from the tech with 0 Troubleshooting from th...

  • 24380 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks