This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4123 Views
  • 0 replies
  • 0 Likes

PBF not working when ECMP is configured

HI I have two internet links and configured ECMP to do load balacing based on weight, Here I want to allow few users from my internal to specific desired destination based on my PBF to take my ISP2 path. But it is sometimes taking ISP 1 and sometimes ISP2 when I'm going through my ISP2 i can able to reach my destination server but fails when I'...

Multiple GlobalProtect Gateways on same interface?

We recently (today) configured pre-logon VPN, but have come across what could be a show stopper. As its currently configured we have configured: Gateway > (gateway name) > Authentication > Certificate Profile > (a client cert signed by our infrastructure) If a machine has this cert installed it now succesfully connects via "pre-logon...

welly_59 by L3 Networker
  • 6339 Views
  • 3 replies
  • 1 Likes

USERS WEB Surfing

Hello allThere is a task.The Management want to see what employers do during work time.Which sites they surf and so onWe have Palo Alto PA-850Is it possible to show them in real time which user surfing which web site.I mean real time surfing?I know that there is USER ACTIVITY REPORT.But it is not allow us to see in real time user surfing like In...

Radmin_85 by L4 Transporter
  • 2286 Views
  • 2 replies
  • 0 Likes

Traps false positive

Hi, Our traps solution is detecting malware when it shouldnt happen. This hash have been checked as benign, Within Security Events we are repeated alerts in Malware Modules due to the protection of processes that refer to executable parents and children that despite having a benign diagnosis by Wildfire continue to appear recurrently, in fact t...

1.jpg
2.jpg
3.jpg
BigPalo by L4 Transporter
  • 2136 Views
  • 2 replies
  • 0 Likes

Load Config Partial for Panorama Firewall Import

If anyone used it before, can you please share “load config partial” commands to import all configuration items from saved firewall xml config (fw1.xml) file into new Panorama template (e.g. template1) and new device group (e.g. dgropup1).I can work out most of them, but have the feeling that I am missing some configuration items.

BatD by L4 Transporter
  • 4204 Views
  • 6 replies
  • 0 Likes

Failed to add imported nodes from device to Panorama

I am trying to import firewall to Panorama using “Import named Panorama configuration snapshot” option. However when I select the device, I get the following error message, with no indication of why it is failing: “Failed to add imported nodes from device to Panorama. Validation failed.” They are new firewalls with very little configuration on t...

BatD by L4 Transporter
  • 2481 Views
  • 1 replies
  • 0 Likes

Authentication policy for RDP

I have succesfuly implemented auth policy for http and https (with decryption).But I can't get it to work for RDP. Yes, I know I need GP client for non-browser protocols. Customer is using MS MFA server. As it's not supported by PA as MFA server we configured it as Radius server.I have auth profile which uses Radius server profile towards MS MFA...

santonic by L6 Presenter
  • 4307 Views
  • 2 replies
  • 0 Likes

Packet flow for Hardware Offload

Dear Experts, Was wondering regarding packet flow in terms of hardware offload. Is it like below or somethingelse? Ingress Stage > Session table/flow lookup> Offloaded or Ingress Stage > Session table/flow lookup > App-ID/Content-ID inspection is done or not > offloaded Please suggest. Best Reagrds, Fozail

fozail by L3 Networker
  • 4826 Views
  • 4 replies
  • 0 Likes

Resolved! panorama and user-id agent connections

Hi I have a A/P clusert and I have panorama talking to it and also other PA's to distribute userid info. Now I have agent configured from panorama to each of the management ports on the A/P cluster. But 1 is always failing - as its the passive one, I was thinking i should actually attach userid agent to a lo back device and have only 1 agent con...

Resolved! attacker and victim who is impacted?

under threat logs i see attacker and victim and also i see spyware signature attacker is source - dns server--- victim is -- appliance how can i verify who is impacted with this spyware? Mike

MP18 by Cyber Elite
  • 3463 Views
  • 4 replies
  • 0 Likes

Resolved! Pre-Logon GP VPN

Ive read a number of guides, but for the life of me i cannot get pre-logon working. Is there an idiots guide to the required certs i need? Our clients already have a machine cert which we use for wifi authentication

welly_59 by L3 Networker
  • 2612 Views
  • 1 replies
  • 0 Likes

Resolved! Application and Threat Update ----Decoder

need to confirm one thing below with application and threat updates when we see the decoder as DNS then we do need to check all the vulnerability and anti spyware in order to make what traffic is linked to DNS? In other words when i see the decoder as DNS i just want to make sure which anti spyware or vulnerability is modified? Mike

MP18 by Cyber Elite
  • 2905 Views
  • 2 replies
  • 0 Likes

Globalprotect disconnects

Weird one here, I have many remote users, all over, experiencing no issues. But... I have one user which when the user connects, he successfully connects but as quick as he auth's, he gets disconnected. Reason "client logged out". In which he does not logout, his side just never connects. + HQ is in Nor Cal, user is in Florida+ User only uses "y...

k.truex by L1 Bithead
  • 7990 Views
  • 5 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks