General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 607 Views
  • 0 replies
  • 0 Likes

HA Cluster update issues

I've had an odd issue crop up.

I have two PA-820's in a HA cluster.

Everything has been working fine for over a year, no issues at all.

Starting Friday afternoon of last week, I began getting alerts from the passive device.

The alerts are for being unabl

...

Query on PAN-OS upgrade for PA-VM

Hello,

 

We are using PA-VM-100. We are planning to upgrade from 8.0.5 to 8.0.13.

 

Will it impact in any aspect if we increase the disk space of a firewall server by reducing the retention period of log files, such as Threat report, traffic report etc.?

PA500 HA with Layer 3 OSPF connectivity to Core

Hi

 

We currently have 2 PA 500 which are currently  configured for HA. But don't think its currently setup correctly.

This is what I can find regarding as to what we want to achieve.

 

Active passive with OSPF

https://knowledgebase.paloaltonetworks.com/se

...

Resolved! Application incomplete

Hi,

Why Palo Alto is detecting sometimes the application like SSL and sometimes like incomplete??????

if the connection has 134bytes is not detected, but with more than 134b is detected..........

SOC_CSG by L4 Transporter
  • 31322 Views
  • 9 replies
  • 0 Likes

Resolved! Always on Global Protect and Open Wifi

I'm in the initial stages of a support case, but am curious if you all have had issues or success with this scenario:

 

A GP user that is:

 

pre-login / always-on / machine cert auth / no split-tunnel (0.0.0.0/0 include route) with access to their local

...

How configure Taxii miner for API Authentication

Dear All,

 

I need create Taxii miner with API Key Authentication

 

 

I don’t know about how enable API Key authentication.

 

I need configure API on my mimer as " VitusTotal".

 

Which should miner I use? How configure it?

 

 

Thank you

1-1.jpg
2.jpg
3.jpg

Signatures Minimum OS Version??

critical

18754

DemonBot Command and Control Traffic

reset-both

8.1.0

 

I noticed the above threat in releas 8096.. Which says minimum PAN-OS 8.1.0...

 

We are on 8.0.x , does that mean the above would not be applicable?

 

Thanks

 

Rob

 

Resolved! Tunnels status VPN between Palo Alto-3260 and AWS VPC.


Folks,

Typically when we build a IPSec tunnel from the AWS VPC to the on-prem Palo Alto box we get an option of 2 tunnel's from the AWS. I have options of configuring both the tunnels as UP/UP when the end point is something like a Juniper ISG-1000/IS

...

nson2139 by L3 Networker
  • 4059 Views
  • 2 replies
  • 0 Likes

Traffic Logs - Resolve Hostname - Micrsoft Public IPs

Dear Commuity,

I am very new to Palo Alto Firewalls. I saw, that you can check the "Resolve hostname" checkbox when viewing Traffic Logs. Sadly a lot of IPs are not being resolved. I examed a few random samples and notices, the IPs mostly belong to Mi

...

tpmeier by L0 Member
  • 3821 Views
  • 3 replies
  • 0 Likes

Resolved! Firewall - Interface High availablity

Hi All,

In my scenario, i have single PA-220 for guest access.  In trusted zone i would like to keep the interface lelvel (active/standby) high availablity.Interface type as L2.  I couldn't do aggregate interface since it's connected to two seperate s

...

pa-220-ha.png
gpsriram by L1 Bithead
  • 2308 Views
  • 2 replies
  • 0 Likes

FQDN TTL shorter than refresh time

I have a problem with some sites that uses DNS round robin as loadballancer.

As an examble:

vs-ssh.visualstudio.com

 

This has the TTL set to 300 sec, the PA's FQDN refresh is default 30 min.

So the firewall won't cache all IP's used in the round robin, b

...

  • 24115 Posts
  • 117 Subscriptions
Top Solution Authors
Labels