This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Safe Search Issue

Transparent safe search is not enforced for networks which are using the PA box for DNS proxy. I have enabled Safe Search tick in URL filtering. Still no go. We have enforced with local DNS servers and that is working. However the interfaces using PA DNS proxy do not. I have ensured that each outgoing security policy is set to use the correct UR...

Proxy.jpg

PA-850 - how to protect

Hi If I wanted to protect a PA850 from unknown devices connecting. so 1 port to the local ISP.6 ports for laptops to directly connect.How / what is the best way to make sure only pre defined laptops can connect.Mac filtering ??? Think that is easily by passed802.11x - how easily is it to manage what other option do I have.GP - I want to run GP a...

Resolved! IS it possible to delete the crashinfo file

when i run command show system files /var/cores/:total 4.0Kdrwxr-xr-x 2 root root 4.0K Jan 10 00:15 crashinfo/var/cores/crashinfo:total 0/opt/var.dp2/cores/:total 4.0Kdrwxrwxrwx 2 root root 4.0K Jan 10 00:15 crashinfo/opt/var.dp2/cores/crashinfo:total 0/opt/var.dp1/cores/:total 4.0Kdrwxrwxrwx 2 root root 4.0K Jan 10 00:1...

MP18 by Cyber Elite
  • 5702 Views
  • 4 replies
  • 0 Likes

Resolved! Blocking punycode URLs

We have PA-820's and I have been looking for a way to leverage them to block punycode attacks. In fact, we'd be pretty OK with blocking punycode URLs altogether. I just haven't been able to puzzle out a way to do it. If I add xn--* to the URL filter block list, it complains that I have multiple wildcards. If it add just xn-- the firewall acc...

PA850 10gb sfp+

HiAfter connecting sfp+ 10gb - we are seeing high latency and high Packet Descriptors (almost 100)any ideas?We are using brand new Dell certified DAC cables:DLCAB-SFP+10Gb

chens by L3 Networker
  • 2479 Views
  • 1 replies
  • 0 Likes

Configuration settings for Syslog forwarding in Palo Alto UTM

Hi Team, We have integrated Palo Alto UTM v8.1 with LogRhythm. We have enabled syslog on UTM and we are receiving logs on LogRhythm. The issue is not all the fields are getting captured in the logs (we verified this in raw logs received at LogRhythm). Please find the below details which aren't captured. Threat Logs: -Threat ID not capture...

User Activity report not showing full activity

Hi Team, User Activity report only shows detailed web browsing activity for few days (3-4) when report is generated for longer time frame e.g 7 days or 30 days or custom time frame. root partition is at 87% and /opt/panlogs at 71%. Any suggestions how to correct this behavior? Best Regards,

User-ID using internal global protect and Azure Active Directory

Hi all, I've setup SAML SSO based authentication to global protect with Azure Active Directory. I'm wondering if i can take this a step further by using internal global protect gateways and using global protect for USER-ID? If i did this, how would i go about setting up user based policies on the palo? effectively allowing me to allow/deny traf...

TomDow by L0 Member
  • 7271 Views
  • 3 replies
  • 0 Likes

Resolved! Changing master key on Log Collector within the same Panorama

Scenario:Panorama (in Panorama mode) with single local Log CollectorA/A cluster of firewalls managed by this Panorama We managed to change the master key on Panorama and both firewalls. But trying to change the master key of the single local Log Collector on this same Panorama fails with "Failed to schedule deploy masterkey job". Is it even necc...

santonic by L6 Presenter
  • 6368 Views
  • 3 replies
  • 0 Likes

Active / Active NAT question

Hi To all the A/A users. How have you / Or can you setup SNAT so that all traffic is SNAT'ed to 1 ip . very basic example Eth1 - connect to 1.2.3.0/24 - interface address is 1.2.3.2/24 & 1.2.3.3/24 (A/A) 1.2.3.1 arp load balancedeth2 - connecs to 10.10.10.0/24 interface addrss is 10.10.10.2/24 & 10.10.10.3/24 ( A/A) 10.10.10.1 arp load...

Resolved! CLI command for Palo Alto to set a DHCP Reservation for the management port? Anyone?

Anyone know the command for this? Also we made the mistake of setting our Palo Alto to an IP address that is already taken so when we tried to access the GUI via the web we realized the mistake..... So how do we change the IP address to something else? Do we need to reset our Palo Alto? Or is there a PuTTY CLI command that we can easily change t...

stoyota by L1 Bithead
  • 18173 Views
  • 10 replies
  • 0 Likes

i don't connect to vpn PANGP

::edited by @reaper :: I don't connect to vpn MY LOG (T7692) 10/01/19 16:24:03:969 Debug(4273): DLSA, encounter an route defined in config, do not remove it(T7692) 10/01/19 16:24:03:969 Debug(4263): DLSA, check our route (des=10.1.77.82, mask=255.255.255.255)(T7692) 10/01/19 16:24:03:969 Debug(4273): DLSA, encounter an route defined in c...

Panorama VM OS Disk size modified

Today whilst we were investigating the process of upgrading the disk size for our Panorama Legacy Mode VM we have accidentally re-configured the disk size from 81gb (as per the template import original size) to 150gb. This was of course different to the process as outlined by Palo Alto documentation. Within VMWARE VCSA we are unable to change th...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks