This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

o365 api miners not working - 0.9.48 Ubuntu VM

Running Minemeld on Ubuntu VM. I upgraded from 0.9.44 to 0.9.48 to get the o365 api miners. The API miners fail with "Bad Request" I tried restarting the API but that did not resolve the issue. Can someone advise me on what to do to fix this problem? Thank you

BadReq.JPG
badreq2.JPG
alterioc by L2 Linker
  • 3195 Views
  • 1 replies
  • 0 Likes

Regex for Chromebook Username

Hello all! We have a little hiccup with our chromebook integration. The issue is, when a user logs in, the info is reporting to the PAN as "domain\john_smith". The PAN is setup to read users as "domain\john smith" so it tags the user incorrectly and applies the incorrect policies. Is there a way to use regex to parse the username and if an "_" ...

Screen Shot 2018-07-19 at 9.45.41 PM.png
jcalzada by L0 Member
  • 3897 Views
  • 3 replies
  • 0 Likes

Traffic Logs not showing up on Monitoring Tab

Hi All, Device Type: PA-220Software Version: 8.0.11-h1 Im having an issue with old traffic logs not showing up on the monitoring tab. I can see live logs but if I want to check the logs for the previous day or previous 2 days then nothing shows up. It only goes back to a certain time. We have cleared all the logs on Friday 13 July so that it can...

Error fetching External Dynamic List (EDL)

Hello, When trying to fetch an EDL from a web server configured without support for TLSv1 (only support TLSv1.1 or 1.2) the result is "Server error : URL access error". I don't know if PAN-OS 7.1.18 fetch client for EDL only support TLSv1. Checking ciphers compatibility for 7.1 I can't find the answer: https://www.paloaltonetworks.com/documentat...

fjmjugr by L1 Bithead
  • 7615 Views
  • 6 replies
  • 0 Likes

Resolved! requesting connection status via code or through CLI

Hey there, I'm designing windows 10 app which needs to connect to a office based database via a remote laptop.The laptop will have access to the office through the GlobalProtect VPN.I need a way to query the GlobalProtect windows agent to see if there is an active VPN connection so I can start making database calls or use locally stored data.Any...

Asymmetric Routing and TCP syn check (Pulukas Solution)

Hi Everyone, Asymmetric Routing and TCP syn verification is a common issue and there were many articles on how to resolve that, basically1 - To change routing itself and make sure there are no asymmetric routing in the network - best from PA point of view2 - disable tcp syn verification globally on the firewall - worst for PA 3 - Disable tcp syn...

Dimitrus by L0 Member
  • 4385 Views
  • 2 replies
  • 0 Likes

Support for inspecting SSL message for kafka connect

We are using Kafka for messaging and have a requirement to inspect the SSL message sent to kafka broker from kafka connect. Kafka using binary tcp protocol with kafka broker listeners on PLAINTEXT://9093 (without SSL) Can paloalto decrypt and inspect the kafka message content?

Does Palo Alto (VM) firewall supported in VirtualBox?

Has anyone managed to installed and run Palo Alto (VM) firewall successfully in VirtualBox?I've been trying to setup my own lab for learning purposes. Basically, this lab contains client, firewall, and server with different network segment. Client --> Firewall --> ServerI managed to install it but can't make it work on network part. Only "...

PA-VM 8 v1.jpg
prenatip by L1 Bithead
  • 7799 Views
  • 1 replies
  • 0 Likes

VPN certificate expires

Hey!My firewall is a PA-3020 with 8.0.7. There is a Global Protect gateway and portal, users can connect via Global Protect.As portal address in the global protect app, we are using an address that is availabe in public dns.Additionally, there is a public signed certificate. When I do https://portal-address in a browser, I can see that the certi...

MPI-AE by L4 Transporter
  • 9384 Views
  • 7 replies
  • 0 Likes

What is application db = 0 and app.id c2s node (0, 0) s2s node (0, 0) in session id command

Hello Folks,I am looking for some more information on session id command outputs. I see a session in free state with application db = 0 and app.id c2s node (0, 0) s2s node (0, 0) . What does this mean ?Is this that app-id engine of PAN is not able to identify any application with no c2s or s2c flows ? application db ...

Resolved! Use Domain EDL for purposes other than DNS sinkholing?

Can you use a domain EDL for other purposes or only for DNS sinkholing? In other words, can you use a domain EDL in any policy rule in the same way an FQDN object can be used? I would expect that you can, but wanted to ask.

RISI by L2 Linker
  • 4511 Views
  • 4 replies
  • 0 Likes
  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks