This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Resolved! TAXII into QRadar

Hi there, Is there any guidance for how to set up TAXII output for QRadar to ingest? I see in the latest release notes: - TAXII DataFeed now translated IP Ranges into CIDR for better compatibility with 3rd party TAXII clients (read IBM QRadar) So I figure it must be possible 🙂 but when I put the discover service URL into the Threat Intell...

Resolved! How to use Aggregate interfaces LACP?

Testing a PA-220. Create an Aggregate group with 2 interfaces.Both interfaces connect to an unmanaged D-Link switch. And it connected to the company network.The aggregate interface can up when LACP is not enable.After enable LACP. It down and hover the mouse on it show below info: ethernet1/2: not active (negotiation failed)ethernet1/1: not acti...

jeremylo by L3 Networker
  • 9551 Views
  • 5 replies
  • 0 Likes

Resolved! Is LDAP server signing request supported on the latest PAN-OS version for the User-ID Group mapping.

Hi All, I would like to know if we started to support the LDAP server signing request on our latest PAN-OS versions for the User-ID Group mapping. I tried searching for latest docs and verified the latest admin guides but could not find a supporting document for it. We have a document which is pretty old: >> https://live.paloaltonetworks.c...

Need help determining why something is blocked.

I am getting the following items blocked, but I can't tell why. I am not blocking the games category with my URL filtering. I also can't find a way to specifically allow Microsoft PE file transfers. I have also tried whitelisting the site, but nothing I do will allow this. Sorry I'm new to Paloaltos but it seems like it should be easier to de...

Palo-Deny.GIF
dsmall by L0 Member
  • 3102 Views
  • 3 replies
  • 0 Likes

Resolved! How to add a new admin user via the API

I'm working on a script to deploy new Palo Alto firewalls in vmware from template, using powershell.I'm doing this with API calls in the powershell code. for instance, change hostname: $hnURL = "https://myPA//api/?key=" + $apiKey + "&type=config&action=edit&xpath=/config/devices/entry[@name='localhost.localdomain']/deviceconfig/syste...

ICAP support with PA for DLP

Hi Team please advise if DLP , ICAP is supported with PA . There is no document found as such , but i have found few fourms which says it is not supported but wanted to check as a confirmation.

Rameshwar by L3 Networker
  • 5965 Views
  • 1 replies
  • 0 Likes

Re: Application based Policy approach

While moving from a service based to application based policy approach how to tackle the dependent applications for the specific application. for instance consider a app "webex-base" which is dependent on apps"rtcp, rtp-base, ssl, stun, web-browsing"."Webex-base" has a standard-port tcp/443,80,1270, udp/8070,8090,9000. when i see the logs it sho...

Sanssj by L2 Linker
  • 3690 Views
  • 1 replies
  • 0 Likes

Resolved! Mixed Internal and External GlobalProtect

Hi All!I'm working through the "Mixed Internal and External Gateway Configuration" and something isn't quite clear - Do I need to create 2 separate GlobalProtect Portals (one to listen on the outside interface and one for the internal interface) or should I be able to access the same portal using the same IP? Using 2 separate Portals on 2 separa...

Issue with External Dynamic List

I have just created a new/first External Dynamic List on my firewall with a type of URL. I have applied an action under a number of URL filtering Profiles, but I see the following messages: request system external-list show type url name edl-url1 Server error : external dynamic list global/edl-url1 not used in rule after a while the message will...

murphyj by L2 Linker
  • 3575 Views
  • 3 replies
  • 0 Likes

sip application deny log that hitting trust to untrust any allow policy

Hello, i have a issue this is rule 213. (trust ==> untrust any allow) this is action deny log that hitting rule 213 & sip applicationpackets sent is 1 and received is 0 this is action allow log that hitting rule 213 & sip application both log image is equal destination ipWhy is this happening?if sip session is not created, then the...

20180801_103542.png
20180801_103631.png
20180801_104737.png
hbshin by L2 Linker
  • 2038 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect VPN and third-party application installed on user's machine (Windows 10)

Hi there, Being a vendor, I'm having a hard time deplyoing my Windows 10 UWP application on client's machines.The application needs access to the internet in order to operate. It loads a login webpage inside webview, using HTTPS (port 443). No other ports or protocols. The problem is that the app fails to load login page on client's machine when...

Problem adding zone to tunnel

I'm trying to add a zone to a tunnel interface. I can create the tunnel and configure it via panorama defining virtual router, vsys and zone to be applied via template. But when I check the devices where it should be applyed both zone and virtual router are defined as "none" for the tunnel even though Panorama is showing the configuration I wan...

ibge by L1 Bithead
  • 2272 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks