This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Panorama Local Log Collector.

Hey, I have a HA pair of firewalls in SiteA and a HA pair of firewalls in SiteB. SiteA and SiteB seperated by a 1Gb WAN. I have Panorama deployed in HA, one VM in SiteA and one VM in SiteB. I want the firewall in SiteA to send logs "only" to the Panorama VM in SiteA, similarly I want the firewall in SiteB to send logs "only" to the Panorama VM i...

sip invite method request flood attempt

I have recently been dealing with sip invite method request flood attempt show up not only in my threatsm but also making it impossible to make calls external or external to internal calls because its trying to call a number every 4 seconds and taking all my SIP connections available. Besides blocking it on the firewall and having the ISP deadro...

jdprovine by L4 Transporter
  • 20775 Views
  • 5 replies
  • 0 Likes

Resolved! Virtual Wires and Tag allowed

Hi All , Is there any specific reason why we can't have same VLAN tag defined on the parent virtual wire interface and the subinterface ? Thanks ..

deepak12 by L3 Networker
  • 3743 Views
  • 2 replies
  • 0 Likes

Allow outbound web traffic by exception by session while utilizing authentication

Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however this appears to allow all outbound web traffic on the client, whereas I'm looking for it to continue...

Kerberos SSO PAN-OS 7.0.1

Hello,at the moment I'm trying to set up a SSO Auth with the Admin Web Interface (and Captive Portal). I set it up like the documentation of PAN-OS 7.0 told me. I tried different Crypto types but all with the same error.1. Log in to the KDC and open a command prompt.2. Enter the following command, where <principal_name>,<password>, a...

Change password for TACACS user

Hi all, Is it possible to allow Firewall administrators (authenticated via TACACS+ running on Cisco ACS) to change their expired TACACS passwords when they're logging in to Web UI of the Firewall ? Cheers, Marek

Globalprotect portal not found

Hello,I'm having some issues connecting with globalprotect with one laptop.The 4.1.10 version was installed . Tried with 4.1.12 and 5.0.2, same issue.I can connect via the browser without issues. install and uninstall a few times with no luck...

Resolved! Airwatch issue Session Browser Query

Hi All, Just a sanity check question to ensure my config and thinking okay. We are having issues with VMWare Airwatch traffic to a cloud server for a customer that migrated across to our network. They don't seem to be able to connect to the server for deployments. Traceroute to the server blackholes within VMWare environment. Test from other sou...

a.jones by L3 Networker
  • 3787 Views
  • 2 replies
  • 0 Likes

Better user web traffic reporting?

Reaching out to the community to see if anyone has a solution for obtaining nice pretty VP readable reports for user web browsing traffic history that works well with the PAN firewalls? The URL report on the firewalls is overwhelming and requires a lot of massaging to get something they can read and understand. We really only need something that...

hshawn by L4 Transporter
  • 3345 Views
  • 3 replies
  • 0 Likes

Resolved! user-id in the DMZ zone

Hello,I have user-id enable on the trust zone and it works fine. I also have a DMZ zone and was wondering if it was ok to enable it on that zone? I know best practice is to not enable it on the outside zone, but we have many dmz to trust security policies and I would like to see in the reports some of the user accounts that are sourcing in the D...

roma by L2 Linker
  • 3918 Views
  • 1 replies
  • 0 Likes

STIX/TAXII feed not working for otx.alienvault.com

Hello, I tried to create a STIX/TAXII miner for otx.alienvault.com. I used the default MineMeld taxii client for this(minemeld.ft.taxii.TaxiiClient) and the new client minemeld-taxii-ng(taxiing.Miner). The first client does returns the error ' module object has no attribute 'sslwrap''.The second returns a 406 client error, which leads me to assu...

folmer by L2 Linker
  • 14704 Views
  • 10 replies
  • 0 Likes

Route Reflectors

Is there more details on the route reflector options? The documentation is pretty vague. what is enable sender side loop detection? What is bidirectional peering?

Panorama in NSX deployment not showing interfaces within the template

Hello community! I have an issue you maybe can help me with:I´m deploying PAN-VM firewall on NSX and noticed that the template where I added the VM doesn´t have interfaces.The VM is connected to the Panorama and the template is in sync, I push a new zone and this creates a new vwire pair of sub-interfaces on the VM as it should be but in Panoram...

Carracido by L4 Transporter
  • 4168 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks