This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama 8.0 - EDL & Certificate Profile

Hi all, I just ran into an issue while creating an External Dynamic List in Panorama 8.0. The source is a HTTPS address that requries a certificate profile for validation, so far so good. The problem is that I can't select any certificate profile, the list is empty. There's a certificate profile created under Device > Certificate Management ...

Capture.JPG
Capture.JPG

Resolved! GlobalProtect for Linux cannot connect to local gpd service

After installing the rpm (latest version as of today: 4.1.7, running on Fedora 28) the cli client cannot communicate with the service (although it is started): $ systemctl status gpd● gpd.service - GlobalProtect VPN client daemonLoaded: loaded (/usr/lib/systemd/system/gpd.service; enabled; vendor preset: disabled)Active: active (running) since T...

ctr_ts by L1 Bithead
  • 25886 Views
  • 5 replies
  • 0 Likes

Resolved! DMZ Config for web server

My firewall is using the following Interfaces/Zones: E1/1(5.5.5.170/29) and E1/1.1(5.5.5.174/29) are in the outside zone. E1/2(192.168.254.252/24) is in the inside zone. E1/8(192.168.1.1) is in DMZ zone. E1/1 and E1/2 are connected to the mainvr virtual router. E1/1.1 and E1/8 are connected to the DMZrouter virtual router. I have a web serv...

nmckee by L1 Bithead
  • 12898 Views
  • 4 replies
  • 0 Likes

Security Policy not blocking Facebook

Hello, I am connecting to the VDI as the teststud user and can browse to Facebook. The session is hosted on IPC-VDI-VSH1 as per the screenshot below. I have copied our existing security policy which blocks access to Facebook, Youtube etc. I can see that the traffic is hitting the correct policy, however, I am still able to access Facebook. I ...

Deny traffic.jpg
Security Policy.jpg

Resolved! Connecting to VPN Windows network profile changes to "Domain network" for the phys. network adapter

Just noticed that with Globalprotect 4.1.x the network profile changes to from "Public" or "Private" to "Domain network" for physical network adapter and not just for the VPN adapter while being connected to GlobalProtect service. Also when the VPN session is disconnected the physical adapter profile does not change but instead stays as "Domain ...

NLA-4.0.8.jpg
NLA-4.1.8.jpg
tigeli by L2 Linker
  • 7622 Views
  • 1 replies
  • 0 Likes

Resolved! Disable SSL decryption via CLI - how long

Happy New Year everyone Need to know if i run the below command Disable SSL Decryptionset system setting ssl-decrypt skip-ssl-decrypt yes Will this disable ssl decryption for 1 hour or 1 day need to know for how long?

MP18 by Cyber Elite
  • 3242 Views
  • 2 replies
  • 0 Likes

Cant deny users from using remote desktop on non standard tcp port

I am trying test app id & put a rule in (all the way on top) denying my work station from accessing RDP on machines in other zones. I have successfully blocked users from accessing RDP on standard port 3389 but can still access RDP on a machine that listens for RDP on a non standard port (tcp 51000). I did not specify the non standard port...

rdp.PNG

Minemeld diminishing numbers when passing from miner to processor.

Hello, We are trying to integrate Recorded Future IP risk list with our SIEM to do correlation after that. We have set up correctly the miner, which gives us around 50k indicators. We then proceed to pass it to the processor stdlib.aggregatorIPv4Generic, which just process 20k indicators. Finall we convert it to CEF format with the output cef.t...

Resolved! Mid-January Azure AD IP Update

Can anyone confirm these 2 new ranges will be added to the feeds at the appropriate time? Didn't see any discussion on this. https://techcommunity.microsoft.com/t5/Intune-Customer-Success/Support-Tip-Azure-AD-updating-IP-Addresses-in-Mid-January/ba-p/304828

Chad00 by L1 Bithead
  • 3812 Views
  • 1 replies
  • 0 Likes

DHCP - DNS Servers

Hi All, Awhile back I was having an issue using DHCP on our PAN Fws. In the DHCP options, if I set the primary DNS to an internal DNS server and the secondary to a public DNS server, our clients randomly had issues accessing internal resources. I would notice even though they had connectivity to the internal server, it was using the secondary t...

MikeC by L3 Networker
  • 5078 Views
  • 4 replies
  • 0 Likes

Resolved! NAT Issue

Hi Friends,I have 2 server hosted in lan zone and one public ip . i have configure the NAT for 1 server from outside from port 80 and its working fine. but i want access the other server from lan with public ip from port 80 but its not working showing application is undirected. please suggest.RegardsSatish

Satish by L4 Transporter
  • 7894 Views
  • 3 replies
  • 0 Likes

Configuring XFF logging without a URL Filtering License

1. Create a Custom URL Category with * under ‘sites’ (Objects >> Custom Objects >> URL Category >> Add) 2. Create a URL Filtering Profile & set your Custom Category action to “alert” (Objects >> Security Profiles >> URL Filtering >> Add) Tick the box to log XFF on the ‘URL Filtering Settings’ tab… ...

1.png
2.png
3.png
4.png
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks