This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

"Top Domains" report?

I think I've asked this but can't find the thread. What is the recommended way to get some kind of "Top Domains Visited" report?Everything seems to default to rdns of the endpoint which is not much use sadly with cloud/online content providers i.e. your users visit Amazon/BBC but the resolved destination is node-17-cluster-5.eu.akamai.com and s...

Panorama Disk spare alarm.

HI All expert my panorama M100 having an issue with disk space 95% in used need to clean up. I tried to delete all the core file and all the software and patching download but the Alarm still remain. Tried to monitor few days but it's still there....and keeping increase. Is that anthing i could to for clean up the disk space?

Disk space.JPG
Nono by L1 Bithead
  • 2080 Views
  • 1 replies
  • 0 Likes

Resolved! anonymize usernames in reports

Hi, I was wondering if we would have the option to anonymize our monitoring reports.with anonymizing reports I especially mean by graying out the username or change it by ip address in automated / schedulded report Thank you in advance

rtruyers by L0 Member
  • 3092 Views
  • 1 replies
  • 0 Likes

Firewall rules - strange suggesttion

Hi I gave a rule that allows snmp-trap messages to my SNMPD server. for some reason PA complains that SNMP-TRAP needs SNMP-BASE. Now if I add in SNMP-BASE this is going to open up port 161 where as trap uses 162. So why do i need SNMP-BASE

Resolved! Order of preference of source for user and ip mapping

Hello All If same user information is coming from AD and from other source like Cisco ISE syslog messages then which one takes preference in firewall?Also who can I verify that both sources are sending user/ip mapping? As I always see source AD using command 'show user ip-user-mapping'

Multi Factor Authentication Raduis Server Must be Restarted in order for MFA to Function Properly

I am currently testing Multifactor Authentication using a Radius Server.1. I have a test group of users who have been configured on my Radius Server2. The MFA Radius server is alway reachable via ping/icmp at all times3. MFA via the Radius Server works as normal for a time period ranging from 24-72 hours (i.e users log in using Global Protect Cl...

How security policy - intrazone works?

Trying to use a Security policy with type intrazone and action is Deny (any application & service).Target is to block all communication within the same zone (subnet). Such as ping, file share (smb), ftp, etc.The layer3 interface and the computers were connected to a unmanaged switch. But the outcome is only the gateway (layer3 interface) can...

jeremylo by L3 Networker
  • 4034 Views
  • 5 replies
  • 0 Likes

Log forwarding to Panorama

Hi, I have some problems with log forwarding from firewall to Panorama because it is consuming a lot of bandwidth. I have configured the firewall to buffer the logs before foward them to Panorama. I would like to know the following:* When log forwarding initiates from firewall to Panorama (50% or 90% of buffered size for example)?* How I control...

Resolved! QoS Reporting

I've deployed QoS on a PA-3050 and currently have 2 profiles that I'm specifically rate limiting at different bandwidths (class5 and class6). I've looked through all of the reports as well as App Scope but can't find anything that shows me bandwidth usage by QoS profile. Essentially the customer is looking to have a line graph that shows bandwid...

Captive Portal Redirect Page

Hello all, I am having a bit of an issue with getting captive portal to work the way I need it to. I have it setup and my Macbook was able to redirect to the correct page, I was able to successfully login, and then browse the web without issues. The problem I am having is after the timeout value I have set is over (5 minutes for testing), I can ...

Self-service Firewall rules?

Wondering if the NGFW are capable of automation. Automation as in, if someone has a set of firewall rules that needs to implemented and they know their source, their destination, their port, they can implement the rule themselves.

Resolved! Application vs Service in PA

Hi Experts, I've query in Application vs Service columns. As we all know the Palo Alto preferred method is to use Application column (SSL, Web-browsing) and refer to 'Application default' in Service. My query is, if we mark 'ANY' in Service column and filter the ports in Application column (SSL, Web-browsing) will PA firewall stop further proc...

PA1.JPG

QoS for VOIP over IPSEC VPN

Hi All I have four VPN sites and HQ with VOIP deployed. On HQ Palo Alto, I want if traffic come from LAN with some marking like 'af41' then give priority (real time) and copy the dscp marking when send across IPSEC VPN? -> For this, I have made one qos profile say 'vpn_profile_voip' with class '2' and assign priority 'real time'-> Then app...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks