This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 2062 Views
  • 0 replies
  • 0 Likes

FQDN as source address

Hi to all

 

I have a problems with riles with FQDN

 

For example i created rule:

 

source ip - destination ip - destination port

 

I changed ip to FQDN object - pc1.domain.com.  Palo Alto can resolve name to IP. 

 

New Rule:

 

source FGDN - destination ip - dest

...

aaobuhov by L2 Linker
  • 3886 Views
  • 4 replies
  • 0 Likes

Resolved! Upgrade to 8.1 from 8.0.x

I just got off the phone with Palo support as I'm doing an upgrade from 8.0.9 to 8.1.4.  They said all I need to do is download (not install) the base 8.1.0 image, then download and install 8.1.4

 

While on the line with them, I came across this from d

...

ce1028 by L4 Transporter
  • 12253 Views
  • 10 replies
  • 0 Likes

Resolved! Skype for Business vs Skype

Hi All,

 

is there a way for Palo to distinguish between Skype and Skype for business?

Application list only suggests you single Skype application...

 

Idea is to block regular skype and only allow skype for biz, maybe there are any weird workarounds....

...

Carve public Subnet without involving Vendor

Anyway to accomplish following without modifying routes at the router?

 

I have a subnet 1.1.1.0/24

 

1.1.1.1/24 PAN ETH1 Need to route 1.1.1.50 from ETH1 -> ETH3 as it sits behind ETH3. I need ETH1 to reply back to router when it says arp who has for 1.

...

junior_r by L3 Networker
  • 7404 Views
  • 7 replies
  • 0 Likes

Resolved! ip id in wireshark to confirm PA is not dropping the traffic

 

I am troubleshooting sharepoint connection to cloud on port 443

pcap and global counters show no drops

i see no discards in the cli.

 

when user access the website he sees blank page no contents

 

if i confirm the ip id in pcaps of the PA is same from rec

...

MP18 by Cyber Elite
  • 4114 Views
  • 6 replies
  • 0 Likes

Upgrading from 8.0.6 to 8.1.4 Issue

I am trying to upgrade from 8.0.6 to 8.1.4.

 

I can upload the image via the GUI and it states it saved. I use the cli to install the software package and it fails. I have downloaded 8.1.0 and 8.1.4. Do I need to upgrade to another iteration first?

 

Sid

...

Security Policy organization best practices?

We're working on an audit of our security policies to start getting rid of some generalized rules and start making things more specific.  I figured we could do some organization at the same time.  I'm curious how others are organizing their security

...

jsalmans by L4 Transporter
  • 4704 Views
  • 2 replies
  • 0 Likes

Resolved! Block Domain on NGFW

Hello,

 

can you anyone let me know how i block access based on domain name, e.g. i want a rule to allow all SMTP inbound except from domain testblock.com, how do i do this?

 

Thanks

 

Ryan

Resolved! Global Protect Portal Cached credentials

Under Global potect client logs i see in PAN GPA logs

 

cached credential for the portal

 

does it mean it i using username and pw for only the portal connection?

 

if i do not want portal to use cached credential what config change i need to do?

MP18 by Cyber Elite
  • 16989 Views
  • 3 replies
  • 0 Likes
  • 24231 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks