This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

Resolved! Firewall intercepts Virus between networks. False Positive???

Dear Palo Alto experts..., We have various systems in our LAN seperated by our Palo Alto firewall. In the last 24 hours the firewall detected 2.7K times the virus "Virus/Win32.WGeneric.rktkq" The systems are scanned for inventory by two programs. Spiceworks and PDQ inventory. The scan server is on one side of the firewall. The other servers are...

2018-05-31 10_39_51-FW-PA500-1.png
2018-05-31 10_35_11-FW-PA500-1.png

The WildFire module price

Hello, сolleagues!I am interesting in the PaloAlto and I am only starting to use it. IPlease say where can I buy subscription to the The WildFire module ?Can I buy only The WildFire subscription or I must buy smth else?If anybody know where is a page with prices - please say. I found the page with description https://www.paloaltonetworks.com/pro...

Resolved! X-forwarded-for not showing results

We use F5 with its VIP interfaces in DMZ and is doing SSL offloading (presents a cert on the webserver's behalf allowing plain text traffic to be inspected). As in below example, external source(1.1.1.1) acesses 2.2.2.2(PA NATS to 10.10.10.10 of the F5 VIP). F5 then does SSL offload and SNAT for communication with server, but the source interfa...

image.png
raji_toor by L4 Transporter
  • 5834 Views
  • 4 replies
  • 0 Likes

Resolved! Is there a protoype that can read this XML format?

Before I go down the route of writing a prototype (or attempting to), I was wondering if there was a prototype that I could use to read an IP list in this XML format. I would be interested in pulling out the address and country: <?xml version="1.0" encoding="utf-8"?> <rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" ...

Running MineMeld from OVA

Good afternoon! I have a quick question about running MineMeld from the OVA. We have some pretty strict policy against installing via GitHub and, the best way for me to get MineMeld installed, would be to use the OVA method. I'm new to running it this way. After I get MineMeld up and running on this VM, can I upgrade MineMeld to the latest ...

Not having a Threat license on panos and do the AV and anti-spyware functions even work?

I am a little new to PA firewalls. My question is, with an expired Threat license, or no Threat license installed at all, is all the functionality of the AV and anti-spyware components not active? Customer has one with expired license, but I am trying to be specific on what functionality they have lost due to the expired license. Another cust...

S_Gibney by L0 Member
  • 2581 Views
  • 2 replies
  • 0 Likes

Create new prototype for Rest API and simple URL

Hi Experts, I have a customer who wants to create new prototype for this customer. customer requirement is very simple but, it's very hard to me. first of one, customer said spunk is using Rest API, below is feeds from splunk curl -k https://splunk_IP_address/services/search/jobs/export -d "search=| inputlookup autofocus_lookup" -d output...

jilim by L1 Bithead
  • 4549 Views
  • 3 replies
  • 0 Likes

RTP fragment packet flowing is not allowed when fragment enabled on zone protection of PAN-OS

Hi All, I have an issue about sip/rtp traffic. Endpoints are using a calling application that used sip protocol . We have also enabled fragment feature in zone protection setting.I investigate this issue and when endpoint make calling, zone protection drops rtp packets because they are fragmented.Could you inform me is there another solution adv...

Resolved! How do you use the new predefined Dynamic IP lists?

Greetings all, I'm wanting to use the new Palo Alto provided dynamic IP lists to block known malicious or high risk IPs but, when creating a security policy, I can't seem to get it to appear in the list for selection. I've tried copy/pasting the name in there and it just shows the red underline. I'm doing this in 8.0.7 Panorama and both of my f...

jsalmans by L4 Transporter
  • 9434 Views
  • 11 replies
  • 0 Likes

SSL decryption non standard ports

Hello all, I am wondering if palo can identify and decrypt encrypted traffic on non-standard ports(other than 443)? In other words, does firewall decrypt all encrypted traffic traversing through that matches rule?

Resolved! show user group name not showing user list

Hello, We are not getting the list of individual users in the command: show user group name <name> > show user group name "CN=adminstaff,OU=staff,OU=security,OU=Groups,OU=College,OU=Schools,OU=CEWA,DC=test,DC=edu,DC=au" short name: test\adminstaff source type: ldapsource: TEST_AD_Groups We can see them in the Webgui. We followed t...

Farzana by L4 Transporter
  • 9175 Views
  • 1 replies
  • 0 Likes

PAN-2020 site-to-site with Meraki Cloud managed firewall

Hi all,Has anyone had success establishing a site-to-site tunnel between an PAN firewall and a Cisco Meraki Cloud managed firewall? I've been messing with it for most of the day and have not found much luck. I've added a third party peer on the Meraki, but it doesn't seem to make any connections back to PAN even an attempt to establish the tun...

cmateam by L3 Networker
  • 10090 Views
  • 7 replies
  • 0 Likes

Resolved! Configuring OCSP

I am trying to configure OCSP and I am a little confused. I have added an OSCP responder. It appears the second step is to allow the Firewall to use it by configuring Device-Management->Interfaces. However, for most of my settings, I am using a Service Route Configuration and I don't see HTTP OCSP listed as an option in Service Route. Is ...

  • 24340 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks