This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Auto update of trusted root CA

Hello, Our PANs are not updating the list of trusted root CA certificates which is causing issues with services such as Microsoft Skype for Business and other applications as we have SSL decryption enabled. Using PAN-OS 8.0.7For example, Microsoft uses certificates signed by DigiCert Baltimore Root. I've checked on Panorama, our DC PANs and our ...

Farzana by L4 Transporter
  • 7049 Views
  • 2 replies
  • 1 Likes

Analysis ransomware

Hi, One of our servers have been infected by any kind of ransomware. We can see several files encripted. So we are seeing any evidence about the infection in the PA. The only trace that we saw in PA is that the infected server sends many dns sessions to strange domains: S is there any way to prevent these external dns sessions? are these session...

AV.JPG
BigPalo by L4 Transporter
  • 5487 Views
  • 4 replies
  • 0 Likes

Resolved! MS Updates blocked

It appears as though all of the sudden ms-upate traffic is being picked up as either session-end reason threat or n/a and updates are failing on my MS servers. Regardless of the server they all seem to be hitting the unidentified default rule at the bottom.

what does these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?

Hi, Trying to rule out the a file transfer througputput issue, looking at the interface stats, 1. Is there a technote explain these values mean?2. What are these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ? Thanks, E admin@PAN5260(active)> show system state filter-pretty sys.s1.p21.*sys.s1.p21.capability: [auto,40G...

Is there a way to make URL custom allow list take precedence over the block lists

Hi All, I have an issue where we at times we block whole domains but we sometimes need to allow one sub-domain through. We recently put in the Palo Alto content filter and we have found it behaves very differently to our previous content filter which read the custom allow list first before proceeding to the block list. I found this article htt...

Site to Site VPN cannot use any private network range

Hello,I have to set up a Site-to-Site VPN so our users can access some resources on a clients network. As we had here a lab firewall, another Palo Alto, I set up a test between our production and lab. This worked and I was able to connect. For the actual connection to the client, their side is a Cisco ASA. I provided our Peer IP(Public IP) and i...

cheez by L1 Bithead
  • 12945 Views
  • 9 replies
  • 0 Likes

Resolved! Standard License Expired

My Standard License on PA says it expired, however the description on it is same as the last box which says License am I missing something ? License

PALicence.jpeg

Paloalto PA-820 automatic restart

Dear All I have a problem, why suddenly our paloalto PA-820 automatic reboot? This is informations :Software Version8.1.2 Paloalto suddenly restart own self.Logging :1. flow_mgmt: Exited 4 times, must be manually recovered.2. tasks: Exited 1 times, must be manually recovered. 3. supervisor: Exited 1 times, must be manually recovered.4. data_pl...

Resolved! Query on HA failover

Currently our secondary unit is running as Primary.We have upgraded our Secondary (originally Primary) FW and now would like to do the failover so that it becomes Primary.If the failover doesn't work as expected what should be done straightaway to avoid any traffic loss?

Resolved! show session all - command question

Is there any option for the 'show session all' command to act like log tail / stay active? ie - it would be good / useful with troubleshooting to see new sessions that match the filter, to be appended to the existing output, rather than re-running the command and looking for new lines that have appeared. Failing that, some othere CLI way to ach...

Sudden login issues with Minemeld on Ubuntu 14 and can't login under Ubuntu 16

First post was marked as spam for some reason so here goes try #2 with a more specific title Never been able to get a solid ansible deploy to CentOS so stuck with Ubuntu 14 manual install but....after staying up way too late last night trying to figure out why I suddenly could not log into Minemeld, discovering the engine would not start, doin...

hshawn by L4 Transporter
  • 8586 Views
  • 4 replies
  • 0 Likes

Panorama Serial

Hi I have deployed PA-VM-ESX-8.1.2.ova I have powered on the vm and opened the gui. I want to input the serial number that I have been given. - Select PanoramaSetupManagement and edit the General Settings- Enter the Serial Number and click OK- Select CommitCommit to Panorama and Commit your changes However, the Serial Number field isn't shown i...

Does 2 spaces cause issue with group mapping

A securit policy is not getting used because ad group i entered is not matching the policy. On checking the cli i cannot list users in the ad group and get invalid syntax error. show user group name cn=r-emp-it imp adm,ou=role restricted,ou=groups,ou=it ops,dc=cds,dc=abc,dc=comInvalid syntax.

raji_toor by L4 Transporter
  • 5443 Views
  • 4 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks