This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1694 Views
  • 0 replies
  • 0 Likes

Resolved! Diasble 7.1 Administrative session cipher suites

Hello,

 

A recent PEN Test has advised we disbale the Arcfour when connecting via SSH to manage the Palo Alto via CLI. 

 

We are on release 7.1.6 (pending upgrade).

 

https://www.paloaltonetworks.com/documentation/global/compatibility-matrix/supported-ciph

...

User-ID Statistics

We have a cenario where the Firewall control the Internet access from users in the local network and we control these access with URL profiles and security policies.
We identify the user session with USER-ID Agent installed on Windows AD Servers.
I'd l

...

mmcastr by L1 Bithead
  • 3630 Views
  • 3 replies
  • 0 Likes

Setting "log at session start" on multiple rules

I found a KB but it's from 2016 and is no longer applicable. 

 

I want to enable 'log at session start' on thousands of existing Security Pre-Rules across several Device Groups. I remember a multi-edit function but something's changed and I can't figur

...

Cacti Host Template: From PA500 to VM100 - failing

We have enjoyed Cacti statistics from our PA-500 box for years.  But when I replaced the PA500 with a VM-100 then Cacti could no more connect to fetch data via SNMP.  I thought both models used the same protocol and version.  Below you'll see a scree

...

CactiHost.jpg

Why public cloud users did not need Palo Alto before ?

Dear all

 

We can see heavy public cloud users since 2016. But we did not have Palo Alto on public cloud until recent. Does that mean public cloud does not need 3rd party security solutions like Palo Alto? Because if public cloud users really need 3rd

...

Re: user-id agent issues

 

 

We are using  windows user-id agent for parsing the user and user group mapping info. often i see in the logs that the user is being not recognized and hitting the deny rule.  after couple of minutes it starts recognizing the user and allows the tr

...

Sanssj by L2 Linker
  • 2227 Views
  • 2 replies
  • 0 Likes

Resolved! Errors in installing Minemeld on Ubuntu 14.04

 

I am trying to install minemeld on ubuntu 14.04. here the steps I did:

I made iptables inactive

I Added and verified successfuly the repo GPG key

I added the minemeld APT repo

I verified that minemled APT is added in /etc/apt/sources.list

 

However

...

Capture.PNG

PAN-SA-2018-0015

Hi guys,

 

Just saw the notice about PAN-SA-2018-0015. Doesn't seem like this vulnerability is a real issue. Am I correct? Or is there a viable way of someone exploiting it?

YoniLeit by L0 Member
  • 4329 Views
  • 2 replies
  • 0 Likes

Resolved! How to generate traffic reports for a specifi interface

Hello Palo experts,

 

I want to create a report which tells me what bandwidth has been used on an outside interface, for say the past month. Something that can display the average bandwidth being used during a day would be good. I see on my PA-3050 tha

...

rchung54 by L2 Linker
  • 21193 Views
  • 4 replies
  • 0 Likes

Deleting Panorama templates

Hi, A firewall has been configured with a template from Panorama, the template was then deleted from Panorama.

Can i safely remove the template from the firewall without deleting the config applied through the template?

Add device in Panorama

Hi,

 

We are trying to add a devices in Panorama. We have checked the conectivity FW-> in port 3978. We can see the packet running tcpdump in Panorama about packets comming from FW.

 

so connectivity is OK. Everything looks ok. And we have another FWs in

...

Panora.JPG
BigPalo by L4 Transporter
  • 1895 Views
  • 2 replies
  • 0 Likes

Resolved! What is the value of a Backup Peer HA1 IP Address?

In some of our firewalls I note a secondary IP address is assigned to a single HA group ID. 

What is the value of having this second IP? The problem it's introducing is that SNMP Traps

are getting gerated once or twice a day noting that the secondary I

...

  • 24216 Posts
  • 117 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks