This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Resolved! minemeld-engine FATAL Exited too quickly (process log may have details)

MINEMELD 0.9.44 2018-01-30T13:55:26 (4857)mgmtbus.checkpoint_graph INFO: checkpoint_graph called, checking current state2018-01-30T13:55:26 (4857)mgmtbus.checkpoint_graph INFO: graph status None, checkpoint_graph ignoredTraceback (most recent call last):File "/opt/minemeld/engine/current/bin/mm-run", line 11, in <module>sys.exit(main())Fil...

IrekSw by L1 Bithead
  • 12791 Views
  • 13 replies
  • 0 Likes

Export traffic logs in CSV

Hello All, I have tried to export logs from firewall its reach limit up to 1048576 rows, this is only for 3hr logs can anyone have the option to filter logs or can we exceed this limit.?

proxy_arp_pvlan

Hi all, I was dealing with a scenario recently which I eager to use the Palo Alto firewalls.In my design, it is a must to use the feature which is called ARP alias in Cisco terms, and ARP publish in Juniper terms. In case of Linux as Palo Alto is using is proxy_arp_pvlan.the explanation regarding to the proxy_arp_pvlan is as follows which is der...

seek_2 by L1 Bithead
  • 6625 Views
  • 3 replies
  • 0 Likes

Resolved! types of PA firewall inspection

Hello community! I have a question, checking my stick high firewall, I wanted to know if in my firewall I could configure the inspection mode. I have seen another product from another manufacturer that has 2 inspection modes that are the flow mode and the proxy mode. I would like to know if in stick high I also have that functionality available,...

HIP Check licensing expired

I thought that HIP check licensing expiration (trial version), would cause any rules on the FW - using a HIP check profile column to not match. Instead, it appears that it causes the firewall to simply not care about that column at all.... and allow traffic through, on the rule with the HIP check profile specified, even if you are out of compl...

Sec101 by L4 Transporter
  • 3642 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect Saving User Credentials Security?

After reviewing a few documents, I'm hearing that doing this is not a best practice.... If I choose to do so, does anyone know where those credentials are saved and how they are saved in the agent on the endpoint? I'm guessing encrypted cookies are the way to get around this with longer validity times?

Sec101 by L4 Transporter
  • 31930 Views
  • 13 replies
  • 0 Likes

TCP TimeOut caused by the PA?

We have a video app that is streaming through our Palo Alto firewall on port 80. Everyone once in a while the session fails and can only be revived by hitting refresh in the browser. I am dealing with a network manager that's convinced the PAs are Resetting the session.Before I go through the hassle of creating override policies for port 80 with...

jhickey by L3 Networker
  • 21636 Views
  • 15 replies
  • 0 Likes

Resolved! How to configure Juniper SRX firewall services in Palo Alto 3220

root@srx# show groups junos-defaults applications application junos-ms-rpc-uuid-any-tcp term t1 protocol tcp uuid ffffffff-ffff-ffff-ffff-ffffffffffff; [edit] root@srx# show groups junos-defaults applications application junos-ms-rpc-uuid-any-udp term t1 protocol udp uuid ffffffff-ffff-ffff-ffff-ffffffffffff;Juniper SRX is haveing in-built serv...

Resolved! Query About Policies Security Rulebase Report

Hi Team, When we export a "policies security rulebase report" which shows unknown format like below, Note: Current firmware version is PAN-OS 8.1.10 when on PAN-OS 8.1.9 we could view correct values! Did anyone faced this issue? please let us know whether its because of bug? please advise us whether we need to upgrade or downgrade the PAN-OS or...

policies security rulebase.PNG

Global protect app transparent update issue

Hi Team, I have an issue, where customer is not able to update global protect app using transparent option. I'm explaining the issue in very detail to avoid confusion. User machine is installed with client version 2.3.1. During the time of deployment portal app setting was configured to upgrade "allow user to upgrade with prompt" Now global prot...

Windows, Kerberos, LDAP, RADIUS

Hi! My company is rolling out a small pile of Palo Alto firewall models and I'm trying to learn the nuances and best practices of these devices. Initial implementation and basic functionality has been pretty straightforward. Now we are trying more advanced things. My current issue is user authentication. I have a scenario that I feel must be ver...

Resolved! PAN Syslog: Verifying the device is sending to all the configured

I added an additional syslog destination on three of my PANs but I'm only seeing that traffic at an intervening PAN for two of the sources. I've used the troubleshooting methods noted here: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClqICAS - but those are only showing me one syslog destination when four are config...

palomed by L3 Networker
  • 32849 Views
  • 8 replies
  • 0 Likes

GlobalProtect not working if laptop has no internet at boot

I have prelogon setup for globalprotect using machine certificates, so that when a laptop boots up with internet is automatically connects to globalprotect. This works perfectly fine, except for when a laptop does not have internet access. If a laptop does not have internet access, then globalprotect just errors out and does not try to reconne...

How to identify app data vs differen in traffic recieved on app data

Hi Guys, Lets say I have application SAP that allows port 8443 but looks like APP-ID is not getting matched and we are getting insufficent data followed by deny rule , question is how can we look for difference between expected application data and difference we are seeing. Just to approve application owners this is pattern we are looking for bu...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks