This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4247 Views
  • 0 replies
  • 0 Likes

User-ID Statistics

We have a cenario where the Firewall control the Internet access from users in the local network and we control these access with URL profiles and security policies.We identify the user session with USER-ID Agent installed on Windows AD Servers.I'd like to count how many users the Firewall identify per day in the Internet Access.How can I get th...

mmcastr by L1 Bithead
  • 3986 Views
  • 3 replies
  • 0 Likes

Setting "log at session start" on multiple rules

I found a KB but it's from 2016 and is no longer applicable. I want to enable 'log at session start' on thousands of existing Security Pre-Rules across several Device Groups. I remember a multi-edit function but something's changed and I can't figure out how to do this. We're running Pano 8.0.8 and 7.1.8 on the firewalls.

Resolved! app not show on application field on policy based forwarding

Hi community, what is the reason one app not show applications field/We need create one policy with one app that show on applications, but when I check in PBF the app is not show. The app name "supremo" use default port tcp/443 and Implicitly Uses: web-browsing.What is the reason ?

Cacti Host Template: From PA500 to VM100 - failing

We have enjoyed Cacti statistics from our PA-500 box for years. But when I replaced the PA500 with a VM-100 then Cacti could no more connect to fetch data via SNMP. I thought both models used the same protocol and version. Below you'll see a screenshot of the cacti settings that worked with our PA500. What do I need to change here to connect ...

CactiHost.jpg

Why public cloud users did not need Palo Alto before ?

Dear all We can see heavy public cloud users since 2016. But we did not have Palo Alto on public cloud until recent. Does that mean public cloud does not need 3rd party security solutions like Palo Alto? Because if public cloud users really need 3rd party security solutions like Palo Alto, they should not survive 2016-2018, should they? They sur...

Re: user-id agent issues

We are using windows user-id agent for parsing the user and user group mapping info. often i see in the logs that the user is being not recognized and hitting the deny rule. after couple of minutes it starts recognizing the user and allows the traffic i am skeptical what could be the reason for this disparity. why would any user info and user...

Sanssj by L2 Linker
  • 2448 Views
  • 2 replies
  • 0 Likes

Resolved! Errors in installing Minemeld on Ubuntu 14.04

I am trying to install minemeld on ubuntu 14.04. here the steps I did: I made iptables inactive I Added and verified successfuly the repo GPG key I added the minemeld APT repo I verified that minemled APT is added in /etc/apt/sources.list However, we I do the last step: sudo apt-get update && sudo apt-get install -y minemeld rsyslog-mi...

Capture.PNG

PAN-SA-2018-0015

Hi guys, Just saw the notice about PAN-SA-2018-0015. Doesn't seem like this vulnerability is a real issue. Am I correct? Or is there a viable way of someone exploiting it?

YoniLeit by L0 Member
  • 4656 Views
  • 2 replies
  • 0 Likes

Resolved! How to generate traffic reports for a specifi interface

Hello Palo experts, I want to create a report which tells me what bandwidth has been used on an outside interface, for say the past month. Something that can display the average bandwidth being used during a day would be good. I see on my PA-3050 that under Network>QoS, that live bandwidth stats can be displayed, but can't see where I can exp...

rchung54 by L2 Linker
  • 23720 Views
  • 4 replies
  • 0 Likes

Deleting Panorama templates

Hi, A firewall has been configured with a template from Panorama, the template was then deleted from Panorama.Can i safely remove the template from the firewall without deleting the config applied through the template?

Add device in Panorama

Hi, We are trying to add a devices in Panorama. We have checked the conectivity FW-> in port 3978. We can see the packet running tcpdump in Panorama about packets comming from FW. so connectivity is OK. Everything looks ok. And we have another FWs in PAnorama correctly. This is the status "DIsconnected": FW versions is 7.1.6Panorama 7.1.9

Panora.JPG
BigPalo by L4 Transporter
  • 2150 Views
  • 2 replies
  • 0 Likes

Resolved! What is the value of a Backup Peer HA1 IP Address?

In some of our firewalls I note a secondary IP address is assigned to a single HA group ID. What is the value of having this second IP? The problem it's introducing is that SNMP Trapsare getting gerated once or twice a day noting that the secondary IP address couldn't be reached. But there is never a problem with HA failing over - the primary is...

Can Pan-os take action base on rules, condition or report?

Hi.I have a question about a scenario. Can Pan-OS/Firewall detected a infected host/client pc and take the following action.Blocking internett access from the infected hosts/client pc and move the infected host to a another security zone?ORJust move the infected host to a "security" zone that don't have access to internet?

tonyle by L0 Member
  • 2240 Views
  • 2 replies
  • 0 Likes

SSL Certificate Profiles - PANOS External Dynamic Lists

I'm running into an issue with external dynamic list threat feeds while using panos 8, the problem being is it seems they introduced a great feature to validate and authentication SSL sources by validating the signing CA for the threat feeds that can induce access rule entries. This is great although the problem I'm facing is the implementation ...

RTECIT by L0 Member
  • 3914 Views
  • 4 replies
  • 1 Likes

DNS "Aged Out"

ISP changed fiber line coming into site. DNS server addresses did not change (they say) but the external addresses and gateway did change. I can connect to the internet but just for about 2 to 3 minutes and then I lose access to the internet. Updated all definitions with the new information. Simple network… LAN ...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks