This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Application dependency behavior

Rule 1 blocks apps A & BRule 2 allows the same apps as they are included in an application filter, along with otyher apps. Why do i see app dependency warning for the apps that are blocked by rule 1, & how can i resolve this. Rule 1 allows apps A & BRule 2 allows there dependent apps. I still see warnings for app dependancy. Why? I d...

raji_toor by L4 Transporter
  • 2765 Views
  • 1 replies
  • 0 Likes

OSPF Issue in 8.1.1

Hello, I am facing a flapping issue in OSPF, where the neighbor keeps going up and down, I tried adding a static route but the connectivity still drops packets between two devices behind the firewall on one side and behind the other mpls router on the other side, I wanted to check if this is related to the bug that was addressed in 8.1.2 as bell...

u-turn - why?

Hello,i'm moving complex configuration from Juniper's ISG2000 (ScreenOS) to PA-5220 and i faced a problem with internal servers (in DMZ zone) which should be available for everyone (including our own employees) on public IP addresses. On ScreenOS it was simple:Created MIP/VIP object (server-public-ip -> server-internal-ip)1st rule from trust ...

MarcinR by L1 Bithead
  • 13228 Views
  • 9 replies
  • 1 Likes

Decryption and Firefox

Greetings From my research into useing decryptiona nd the SSl certificate.I believe I need to manually install the certificate for each user? Is there not a better way? As a School that equals 100 users and about 300 PC's. If there is not a better way then there isn't. Thanks

Wykeham by L1 Bithead
  • 4934 Views
  • 4 replies
  • 0 Likes

TLS 1.3 support

When can we expect PANOS to support TLS 1.3 for SSL Decryption and WebUI management ? Firefox will have TLS 1.3 on by default with Firefox 52. Chrome 56 already have TLS 1.3, but Google paused the roll out at this point, due to other vendor problem.. https://www.theregister.co.uk/2017/02/27/blue_coat_chokes_on_chrome_encryption_update/

Resolved! UIA 8.1 issue

I have two different customers who hits same issue.One user is using PAN-OS 8.1.3 and UIA 8.1.3-10,another is using PAN-OS 8.0.12 and UIA 8.1.3.-10. The issue is that UIA detects user info as three types of formats like...1) domain\user (this is same as previous version)2) domain.local\user3) user@domain.local When PA received these info, "show ...

emr_1 by L5 Sessionator
  • 3169 Views
  • 1 replies
  • 0 Likes

Resolved! upgrading active passive panorama from 8.0 to 8.1.3

panorama is in active passive mode.need to upgrade from 8.8.x to 8.1.3 so i can upgrade the passive device first all the way from 8.0 to 8.1.3?then do the failover then upgrade the previous active one?? also panorama can still manage the PA running 8.0x right?

MP18 by Cyber Elite
  • 2247 Views
  • 1 replies
  • 0 Likes

HA sync time

I have 400 rules and it takes my PA 5050 HA pair 4 minutes to sync, that seesm long to me anyone else know their sync times or what should be a reasonable time?

jdprovine by L4 Transporter
  • 6315 Views
  • 8 replies
  • 0 Likes

GlobalProtect Install issues

having a bit of a weird issue. I believe it may be related to some of my security setting in GPO, but I can't tell what. When users download one of the 4.1 releases of the GlobalProtect clients, the install will go through the first screen or two, ask for elevated privlidges, then say it can't install (A program run as part of the setup did n...

GlobalProtect - Understand Client side Logs

Hi Guys, We are doing a global protect deployment and I'm new to this area. Time to time we have some users with poor performance or freequent disconnects from global protect who send us log fles.I have tried to search documentation that could provide information around global protect logs files.I need to understand difference of each log files ...

Namalw by L1 Bithead
  • 5050 Views
  • 1 replies
  • 0 Likes

Url filtring

Hello all, Actualy we have 2 PA 3020 firewall in our company, we have some issue with the option URL filtring. we have a policy block all user to acces to the web page with category (ex: games ...) in the monitor, I find the users who are bloked but i can't find who are allowed. there are some users working with proxy (web plugin), how can i id...

Session browser vs. traffic logs

Hi all,Maybe someone can help to bring some light on my question. I'm trying to determine the difference between the session browser and the traffic logs. Why it is that when I search on a rule in the traffic logs I see specific traffic that is not in the session browser? I'm trying to remove a rule from our firewall by first seeing if other rul...

Resolved! PA-3020 vs PA-850

Hi,I am in the process to purchase a new pair of firewalls (in active/passive setup), but I am stuck in selecting PA-3020 or PA-850.While the tech specifications are similar, the cost is not.Additionally, the PA-3020 is around since a while, so I am more oriented to purchase the PA-850.This is going to serve a 350-people office, and I will need ...

AMoretti by L1 Bithead
  • 9192 Views
  • 4 replies
  • 0 Likes

Resolved! ssl decryption enabled and proxy_wait_pkt_drop

ssl decryption is enabled on PA.sh running resource monitor is also normal. when i run below command i see show counter global filter delta yes category proxyGlobal counters:Elapsed time since last sampling: 124.323 secondsname value rate severity category aspect description------------------------------------------------------------------------...

MP18 by Cyber Elite
  • 3745 Views
  • 4 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks