This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

syslog reports (web usage)

Hi all, I do daily scripted syslog reports for traffic through the firewall. PA syslog messages are pretty good actually. However, the only messages that have something that resembles URL is the messages of the "THREAT url" pattern. Now, I accasionally need to do a web usage report for some managers on what their employees are doing. For that I ...

au_igs by L1 Bithead
  • 6875 Views
  • 8 replies
  • 0 Likes

Question About Panorama VR || CAN ADD SINGLE ROUTE WITHIN A VIRTUAL ROUTER FROM TEMPLATE IN PANORAMA

Hi Team, Can anyone provide your valuable suggestions, If no any other alternate way please. I'm facing issue with configuration of the devices using panorama. Please find the details of the issue mentioned below. 1) Using panorama access enabled for the IP address X.X.X.X in policies and created route for the same in network tab.2) Th...

connect-server-monitor-failure

Has anyone experienced numerous of these "connect-server-monitor-failure" alerts when using agentless user ID? I have 20+ firewalls using a few specific domain controllers to get user ID info, but these alerts are constantly, 100's an hour. It seems to be related to WMI memory error, but I've already increased the wmi memory, described in this a...

MikeC by L3 Networker
  • 14473 Views
  • 7 replies
  • 0 Likes

User-id doesn't work on SSID

I have PAN UID agent mapping IP-to-usernames. It works like a gem for internal users but not on the DMZ which allows company phones with their AD creds. I am not seeing any usernames for these users although they authenticate against AD server. has anyone experienced this before? Please provide me your inputs. TIA

Resolved! URL Filtering Rule-Allowed Users to websites stops working for a few seconds.

Hi Guys I have a problem,i set up URL filtering to block users from certian catogories and linked it to my security rule.-Works great. Created new URL filter to allow Management to catogories which is blocked,created new Security rule and linked new URL Filter-Also works,but then every few hours or so the Allowed rule gets bypassed and Allowed c...

Commit error profile compiler can not find tid 40006 in threat database

Hi, We are having issues with commit in the FWs from last Wednesday. The error that we receive is: "Error: Profile compiler : can not find tid 40006 in threat database". The commit finishes correctly, but with the warning of the error.We have revert the content update of the apps and threats to a previous one and the commit finishes correctly. W...

Commit error.png
Updates.png

NAT + DIPP question

Hi - we have experienced an issue where users in a certain zone were having intermittent problems accessing the internet. We speculated that there could be a NAT issue, and the pool might be full, or translations just werent working. The pool is large and it shouldn't be fillling up. As a troubleshooting step, we enabled overload / DIPP on the N...

Palo NAT question.png

POC in AWS - Palo Alto Active/Active under NLB

Working on a POC. Have two firewalls sitting under an NLB. One of the firewalls routes traffic to database. This appears to be a limitation on the VPC route tables. With traffic from App server destined for the DB, it goes through AZA palo alto. What advice do you have if this firewall dies? Anyone else experience the limitation with having ...

PXE Boot Not Working

Hello everyone,I have a new issue where a PA3020 has been placed between Client and Server subnets on the network. Since this install, building new PCs using PXE boot and deploying Applications using Windows SCCM no longer works.The build starts and the client picks an IP address. On the logs, I can see successful traffic flows between Client an...

Bocsa by L3 Networker
  • 12302 Views
  • 4 replies
  • 0 Likes

Resolved! User ID and LDAP configuration

Hi ,I am a beginner to PA Networks.Can anyone please provide any document to configure the LDAP tree structure in WIN 2008 sever AD. So that PA user agent fetches the user - ip mapping information.Thanks

Auto update of trusted root CA

Hello, Our PANs are not updating the list of trusted root CA certificates which is causing issues with services such as Microsoft Skype for Business and other applications as we have SSL decryption enabled. Using PAN-OS 8.0.7For example, Microsoft uses certificates signed by DigiCert Baltimore Root. I've checked on Panorama, our DC PANs and our ...

Farzana by L4 Transporter
  • 7100 Views
  • 2 replies
  • 1 Likes

Analysis ransomware

Hi, One of our servers have been infected by any kind of ransomware. We can see several files encripted. So we are seeing any evidence about the infection in the PA. The only trace that we saw in PA is that the infected server sends many dns sessions to strange domains: S is there any way to prevent these external dns sessions? are these session...

AV.JPG
BigPalo by L4 Transporter
  • 5533 Views
  • 4 replies
  • 0 Likes

Resolved! MS Updates blocked

It appears as though all of the sudden ms-upate traffic is being picked up as either session-end reason threat or n/a and updates are failing on my MS servers. Regardless of the server they all seem to be hitting the unidentified default rule at the bottom.

what does these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ?

Hi, Trying to rule out the a file transfer througputput issue, looking at the interface stats, 1. Is there a technote explain these values mean?2. What are these values mean snmpEtherStatsRXNoErrors and snmpEtherStatsTXNoErrors ? Thanks, E admin@PAN5260(active)> show system state filter-pretty sys.s1.p21.*sys.s1.p21.capability: [auto,40G...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks