General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 542 Views
  • 1 replies
  • 4 Likes

New to the Training and Community

Hello All,

 

As the title states, I am new to Palo Alto training and the Community. I have started the lab Firewall 7.1: Install, Configure, and Manage (EDU-101) and downloaded the lab guide. I would like to login to a device as it states on step 3:

 

"3

...

plosey68 by L0 Member
  • 743 Views
  • 2 replies
  • 0 Likes

traffic flow

Hi,

 

I have two zone (trust and trust),

for trust to untrust traffic flow   and untrust to trust , do I need to create two security rules ?

 

Thanks

 

 

simsim by L4 Transporter
  • 1392 Views
  • 7 replies
  • 0 Likes

slowness in traffic

Hi,

Users complain about the office365 outlook connectivity ,slow submission of email . From PA prespecive what need to be verified and make sure there is nothing from the PA side .

 

Thanks

simsim by L4 Transporter
  • 887 Views
  • 2 replies
  • 0 Likes

Resolved! WannaCry - Kill Switch & DNS sinkholing

Why Palo is not sinkholing DNS queries to the kill switch URLs? Currently if I run a DNS lookup request for the kill switch URL, it come back with the valid DNS response. shouldn't this be sinkholed?

 

When the guy "accidentally" found the kill switch,

...

Fengrui by L2 Linker
  • 7906 Views
  • 5 replies
  • 0 Likes

Resolved! Dshield blocking generic pulls

Saw this notice on the dshield page the other day that they will be blocking generic pulls from agents if they don't have contact info in the script.  Still learning about minemeld but know dshield is one of the default miners and was just wondering

...

Resolved! Security Policies Clarity

What is the difference between pre rules and post rules  ? None of my colleagues could answer this question upto my satisfaction.Can I expect expert comments ?

cmyakal by L1 Bithead
  • 1513 Views
  • 5 replies
  • 0 Likes

Resolved! External feed URL and minemeld update URL

In our environment, there is a PA between Minemeld and the Internet, so PA access control.

 

Would you please tell me the subject URL and port number ?

(A specific external feed becomes O365 is https://paloaltonetworks.box.com/s/gndwe5rzheg1ekwplxb4m

...

How many NPCs do you have install in your 7k?

Hello Community members,

 

For those who are using 7000 series chassis,  how many NPCs are installed in the chassis?  Are all of the NPC have interfaces connected to the up/down stream routers/switches?  What kind of latency are you experiening when th

...

qos

Hi,

After egress max set  in the following order ,

If  100 Mb is the internet speed and   through the trust link (1 GB)  traffic is going other than untrust ( internet zone ) , 

the below configuration is ok ? .

 

 

class 1 10

class 2 10

class 3 10

class 4  4

...

simsim by L4 Transporter
  • 944 Views
  • 6 replies
  • 0 Likes

Best practice for setting up address groups

Hi

 

Newbie to PA.

 

I want to create a address group dynamic (think that might be best.  made up from a group of network addresses in each DC.

 

So for example if I have 3 DC

 

dc1 - 10.1.0.0/16

dc2 - 10.2.0.0/16

dc3 - 10.3.0.0/16

 

I could tag them with "dc_ne

...

IKE Phase 1 Timeout

IKE is failing to negoriate phase 1.  I get this timeout and then a delete. Any thoughts on the possible cause? I'm thinking

the peer is perhaps not permitting the traffic from this device perhaps at a security device in front of their tunneling firew

...

palomed by L3 Networker
  • 3091 Views
  • 8 replies
  • 0 Likes

Adding Multiple Individual IP addresses at one time.

In our environment we use tags on individual IP addresses for a few different things and then have policies in place to take those actions based on those tags.

 

Sometimes we have requests come in with a lot of indivudla IP addresses that we have to ad

...

Top Solution Authors