General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 560 Views
  • 1 replies
  • 4 Likes

Resolved! PAN Microsegmentation of DMZ

I am spinning up a new DMZ and wonder if there was a some means of restricting traffic between hosts on the DMZ using the PAN. 
I have a Cisco Nexus switch and the hosts are VMs in Cisco UCS. Thank you.

palomed by L3 Networker
  • 532 Views
  • 2 replies
  • 1 Likes

Detecting UserAgent spoofing

Does anyone know if PanOS v10+ can identify when a UserAgent is being spoofed?  I've been looking through the discussion boards and online user documentation and haven't been able to find any results. I'm trying to see if we can catch when a device t

...

Resolved! HIP Profile Windows 11

As stated in Where Can I Install the GlobalProtect App? (paloaltonetworks.com) the official client for W11 is > 5.2.10

Personally, I've used version ~5.2.7 without issues, the only thing I noticed was that detected host for HIP Profile was Microsoft W

...

etoribio_0-1641305326992.png
etoribio by L0 Member
  • 1471 Views
  • 2 replies
  • 1 Likes

Resolved! User-ID Agent - not populating PAN

We have been using the User-ID Agent and it has been working for over a year. On the 17th, the PAN stopped populating the traffic log with the user-id information. The Agent is working fine (user ids show up in the monitor) and the PAN is connecting

...

craymond by L4 Transporter
  • 3317 Views
  • 11 replies
  • 0 Likes

Issues with Device Telemetry

I have an HA pair (active/passive) of PA3250s (no Panorama) and just recently upgraded to PanOS 10.0.6 from 9.1.9. I configured the device telemetry and downloaded the new certificates for both firewalls. Telemetry is working great on my primary fire

...

cdlkey.PNG

Resolved! SSL Decryption+ALPN not stripped: yandex.com not working

Hi

 

I have a customer that wrote to me yesterday that if they remove the checkbox for Strip ALPN while having SSL decryption enabled, a few web sites such as yandex.com stop working.

I was able to reproduce this with my PA-3220 and PANOS 9.1 and also o

...

ShaiW by L4 Transporter
  • 1122 Views
  • 3 replies
  • 1 Likes

User-ID Windows agent failing to query

Beginning sometime last week (possibly on 12/26) our Windows-based User-ID agent stopped being able to query our DCs for user-to-IP mappings. The PA shows 1000s of request for IP mappings msgs with little to no response msgs from the agent. The agent

...

Home Decryption on a PA-220.

I have a PA-220 at home and want to use it to obviously protect my home, but also to help prevent my children from accessing things I feel inappropriate. 

 

Obviously with encrypted traffic from things like gaming consoles and phones this is harder to

...

Netflow originator finding

Hi !

we have a query in Netflows. we have configured Netflows on PA820 firewall and enabled monitoring on both WAN and LAN ports. The flows are going to the Netflow collector and everything working as expected. when we are analyzing the Netflows we ar

...

Tulasi by L0 Member
  • 270 Views
  • 0 replies
  • 1 Likes

Not able to access an website via Palo Alto firewall

Hi Folks,

 

We are recently receiving multiple cases where the devices behind the PA firewall is not able to access certain websites.

 

In an recent case we had seen for two devices (Device A and Device B in different VLAN's ) located behind Palo Alto fi

...

tamilvanan_0-1640963144717.jpeg
tamilvanan_1-1640963230501.jpeg

Resolved! Hit count cannot increase after NAT

Hi U-turn nat is configured for trust user to ping server located at DMZ. After the user ping the server from trust zone to dmz zone, the security policy count increases, but nat policy count does not increase. Is this normal? if not, why it happen?

...

DavidyPalo_0-1640898101134.png
DavidyPalo_1-1640898440563.png

Communication between 2 network segment

Hello,

I have a PA-220 firewall. There is a normal switch connected on ethernet 1/4. The switch is connected to the equipments of 2 network segments, 10.1.240. * and 192.168.5. * . 

These equipments need to communication now. But I can't change their I

...

1.png
2.png
3.png
Top Solution Authors