This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4467 Views
  • 0 replies
  • 0 Likes

Block traceroute

Hi all,is there a way to block IP source if I match traceroute App-ID? Maybe with a custom vulnerability?

s_quasar by L3 Networker
  • 8131 Views
  • 7 replies
  • 0 Likes

FreeIPA LDAP group mapping

UPDATED:The LDAP package FreeIPA uses , 389-ds-base, had some security vulunerabilities and has been updated. This update has caused the PA to fail checking users within groups. Here's is the latest configuration that works with 389-ds-base (1.3.8.4-15.el7.x86_64)Ive tried many parameters trying to connect to FreeIPA for LDAP group mapping and f...

FreeIPACapture1 (1).GIF
FreeIPACapture2 (1).GIF

can't login to web console

I have just instaled MM on Ubunto 16.04. Using these instructions: Howto on Ubuntu 16.04 $ sudo apt-get update $ sudo apt-get upgrade $ sudo apt-get install -y gcc git python-minimal python2.7-dev libffi-dev libssl-dev make $ wget https://bootstrap.pypa.io/get-pip.py $ sudo -H python get-pip.py $ sudo -H pip install ansible $ git clone https://g...

Mattk by L2 Linker
  • 13057 Views
  • 8 replies
  • 1 Likes

Resolved! Firewall upgrade/replacement

What is the easiest way to replace old hardware(5050) with new(5520), that are in HA pair. Can i add 2 new firewalls to the HA group and failover. Or do i have to replace passive with new, make it active then remove the other.

raji_toor by L4 Transporter
  • 9802 Views
  • 4 replies
  • 0 Likes

URL Response Page for SSL without decryption

Hello everyone, we have PA7050 managed by panorama. We dont have SSL decryption but we want to serve users a block url response page for https traffic. For that I followed following link: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Serve-a-URL-Response-Page-Over-an-HTTPS-Session-Without/ta-p/55998 But this doesn't seem to ...

Report mismatch

We are facing issue with mismatching of bandwidth statistics between our weekly report and custom total bandwidth report. For example, on 11 Nov the bandwidth shown on the weekly report is around 2000GB but the one shown on the custom total bandwidth report is a lot less than it. Any help on how to resolve this issue please?

Report.jpg

Restricting specific AD groups to only specific IP addresses on Globalprotect VPN

So I'm going to preface this with the fact that I am not a network admin. Ours quit, so I was basically thrown this stuff. I have only ever done webfiltering on the palo alto.I got global protect vpn setup using the help of a system engineer. We do the LDAP stuff for webfiltering and for vpn access. Users have to be a member of a specific gr...

Not seeing any security events in the dashboard

Hello all! I've had a strange thing happen in the Traps dashboard. No security events for an entire month. Not even low or medium. I find this hard to believe. I've just run the test malware file and it did pop up on the endpoint and it did report that in the dashboard, but there's nothing else! I see in the logs that files are being evaluated. ...

Getting a list of smtp.office365.com IP ranges

Hi, Pretty new to MM and so far I have it up and running in Azure. I used the O365 guide and it worked well however I was wondering if there is a way to get specifically the ranges used for SMTP and if someone could potentially help me with that? I see there is a list here: https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-ad...

TyronF by L2 Linker
  • 18459 Views
  • 5 replies
  • 0 Likes

Field name of "Name" at Palo Alto Threat logs

May I know what is the field name of "Name" at Palo Alto Threat logs, i've checked the documentation on https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/monitoring/use-syslog-for-monitoring/syslog-field-descriptions/threat-log-fields but it seems like i can't find the right field name of "Name" at Palo Alto Threat

a.png
yaboixd by L0 Member
  • 3037 Views
  • 2 replies
  • 0 Likes

Resolved! DoS protection policy process order

Hi All, Basic question and l think l know the answer but just would like to confirm.Is it the same for the DoS protection profiles if you compare with normal security policies, fist match from top to bottom?I have a general DoS rule with broad src and dst address groups but the requirement is to exclude few IPs from those groups. l want to creat...

myky by L3 Networker
  • 3942 Views
  • 2 replies
  • 1 Likes

TCP / UDP Flood

Hi all,I have set up a dos rule from outside to my server zone.Why sometimes I can see attacker and victim IP and sometimes not?

s_quasar by L3 Networker
  • 7146 Views
  • 4 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks