This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Jump in Suspicious HTTP Evasion Found and Suspicious TLS Evasion notifications

Recently I have noticed a jump in detections of Suspicious HTTP Evasion Found and Suspicious TLS Evasion Found going to genuine website such as eBay, Amazon, Apple etc. The firewall is setup as a DNS proxy that forwards on to PiHole and then out to a public DNS and as far as I can see I have nothing setup incorrectly. Does anyone here have any ...

Jrice01 by L1 Bithead
  • 17319 Views
  • 6 replies
  • 0 Likes

Resolved! Geography blocking to China, now need to make exception for a single IP address.

Under Policies we are using deny by region with the country objects listed. One being China. I have a request for some needed technicians to be able to receive traffic now from one specific IP address in China. How does one add a single IP exception in this case to allow the traffic? All my searches for exception keep coming back to Threat proje...

RobYoung by L0 Member
  • 7238 Views
  • 1 replies
  • 0 Likes

Resolved! Expedition Export

We are trying to migrate a Checkpoint firewall. We have Expedition set up and have imported Panorama as our base config. We were able to add the Checkpoint as well and merge the configurations. However, upon export, the process hangs. We have tailed the logs to find an unterminated entity reference and it gives a line number. Are there any ...

Resolved! User-ID Agent on MS Server 2019

Does anyone know if Server 2019 is officially supported, for running the User-ID agent yet? Also, any reason i shouldn't run version 9.0 if my firewalls are 8.0.16? Thanks

Issue with GP VPN

Hello, We have setup GP VPN and it works, VPN client can talk to network.However, if we take initial from internal work to VPN client, it is not working. For example, when VPN enabled, I got an IP: 192.168.246.9, and it can reach server: 192.168.16.31However, if I ping or rdp to 246.9 from 16.31, it doesn’t work. Is this expected?If not, how to ...

Why viruses/spywares passes PA device unblocked?

HelloUntil now I trusted that default configuration for most purposes is OK.Today I discovered that few viruses passes in smtp traffic to my email server. I'm curious why?when in web-broswing traffic the same type of aplication "virus" was denied.My security rule:it using profile "servers". This profile looks like:so it's using antyvirus profile...

_slv_ by L4 Transporter
  • 14447 Views
  • 12 replies
  • 0 Likes

IPv6 over backup interface

I have IPv6 over my backup ISP (dual PA 3020s). I am trying to route all IPv6 traffic over that interface but not having much luck passing any IPv6 through the PA. If I ping6 internal and external hosts from the PA itself it works. If I try to ping/traceroute from behind the PAN at the core or from outside the PAN it doesn't work. I have polici...

drewdown by L4 Transporter
  • 3592 Views
  • 2 replies
  • 0 Likes

Resolved! IPSEC tunnel is up but can not ping through

I have IPSEc ikev1 tunnel with vendor.Phase 1 and 2 are up and green. From PA from my Lan interface when I ping remote lan subnet ping does not work.I see no return traffic from vendor to PA. IS this normal behaviour to have Phase 1 and 2 up but routing does nor work both way?

MP18 by Cyber Elite
  • 12742 Views
  • 2 replies
  • 0 Likes

Issue with PBF rule

Hello, We added a new VDSL Link on port 1/4 and created the PBF rule so that if the primary goes down, it will switch over to the backup. PBF rule is working fine and internet failover works okay. However, customer accesses an internal Server across the client VPN, and when we enable the PBF rule, all access to that server is blocked via the VPN...

  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks