This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1950 Views
  • 0 replies
  • 0 Likes

Resolved! ssl decrypt exempt and C2C

 

we need to do do ssl decrypt exempt for number of domains.
this we are doing as per vendor requirement so that application can run without ssl decrypt 

 

1>Need to know if traffic is not decrypted and end user pc gets infected
can c2c in url filtering p

...

MP18 by Cyber Elite
  • 5182 Views
  • 5 replies
  • 0 Likes

Default superuser CLI access via TACACS authentication

Have auth profile setup to use a TACACS server.  VSA is passing "superuser" as the admin profile, but it is not giving me access to the CLI as superuser, only GUI.  I know I could create another admin profile and grant access that way, but it locks o

...

cdwing by L1 Bithead
  • 4098 Views
  • 3 replies
  • 0 Likes

Resolved! Paloalto 6.1.15 cannot download dynamic updates

The Paloalto firewall stop to download the dynamic updates since 28 Jan for Antivirus and 6 Feb for Applications, is that beacuse of the PAN-OS, should i upgrade 8.1.6.

 

Appreciate your help

 

 

Thanks

 

 

DPWorld by L1 Bithead
  • 3755 Views
  • 2 replies
  • 0 Likes

Resolved! PAN-OS Version Numbering

I saw a strange PAN-OS version on the support site software updates and wanted to know what this version is. What does the "h2" designation mean?

 

8.1.6-h2

 

 

New to Palo Alto from Juniper SSG

I was wondering if someone could enlighten me on how to replicate the Mapped IP functionality from Juniper SSG to Palo Alto.

We have a number of services on our current Juniper SSG.  The way we firewall these services is using MIP's on the Untrust Zon

...

Resolved! PA support SVTI

Hi @reaper 

 

Do palo alto support SVTI like Cisco.


SVTI configurations can be used for site-to-site connectivity in which a tunnel provides always-on access between two sites. The advantage of using SVTIs as opposed to crypto map configurations is that

...

Resolved! Mac OSX HIP check based on processes

I've recently turned on HIP profiles for our windows users, checking to see if our patch management and AV is running by looking at processes.  I need to do the same thing for some of our Mac users, but I'm striking out.  What is the best way to veri

...

Antivirus/Anti-Spyware Response Page not working

Hey Community!

 

I noticed that our Firewall (PA-3020, PAN-OS 7.1.6) does not serve an Antivirus/Anti-Spyware block page.

When I use http://www.eicar.org/85-0-Download.html to test it, I can see that it is blocked.

ThreatLog shows action "reset-both" but

...

Resolved! 8.1.5 BGP question

Hi

 

I have some inserted routes into my BGP for redistribution.

firstly I have a NAT address associated with a loopback. I had a redis rule saying connected and added in the interface.

 

That didn't add the ip address into the BGP tables, tried just the

...

Increase Panorama logging

I currently have a virtual Panorama on esxi running version 8.1.x in legacy mode. The VM is configured with a system disk and an additional 500GB disk for logging.  The 500GB is proving to be not enough as I'm only able to keep a little of 1 month of

...

MikeC by L3 Networker
  • 4681 Views
  • 5 replies
  • 0 Likes

Test vlan network for rsa secureid

Hi all,

 I have project where I need to have a test vlan in my pan820 that will intergrate with Secureid authentication manager 8.4, my plan is to have this test vlan separate from the inside network, and also from globalprotect, we will be putting pc

...

cdcirexx by L3 Networker
  • 4231 Views
  • 4 replies
  • 0 Likes
  • 24199 Posts
  • 117 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks