This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Resolved! Server Log Monitor Frequency and User-ID

What recommended value for Server Log Monitor Frequency if we increase the from 2 Sec to 10 Sec ? What is the relation between this queries and User Identification Timeout of 600 minutes and Server Log Monitor Freq?

NavidAlam by L3 Networker
  • 5697 Views
  • 1 replies
  • 0 Likes

Panorama Security Rules Export in Human Readable Format- Excel Sheet

Hi, I am new to Palto Alto. I have a requirement to download security rules of several firewalls so it can be viewed bu audit teams. I have downloaded the running configuration file of target firewalls I need and I have been able to format the output into a searchable excel file. However, when I was looking at the security rule output I noticed ...

Trouble getting through to VMWare interfaces from VM-100

Hi,We have migrated a PA500 500 config to a newly installed VM-100 (ver. 8.1) running as the only VM under a standalone ESXi 6.5 host (not in vSphere). All interfaces are assigned and I have verified the assignment of each by plugging and unplugging cables and checked the different vmnics' status. Furthermore all the VM-100 interfaces are corr...

Transparent Proxy

Hello, I am new with PA family and currently evaluating PA-3220 / PA-3060 applianceI would like to know if i can implement transparent proxy feature with the above applaince for all my users including branch office without making major changes to network architectureFYI, branch office are currenlty connected to HQ over IPsec site-to-site tunnel ...

Resolved! Migrating from sub-interface to L3 interface

Hi, We have pair of PA in HA mode, we are going to move one of the sub-interface to a L3 interface. is it possible to do this without any downtime? I am considering below steps take out sub-interface from monitored interface (to prevent failover)configured L3 interface on standby firewall (is this possible to have a different config between acti...

CHACHA20_POLY1305 Support?

Anyone know or heard when we might get CHACHA20_POLY1305 cipher support for Inbound Decryption? I finally came across a server using it... my Enterprise Services team is setting up a Papercut on-prem server and it seems to be running multiple web services. One service is using our standard public cert we've purchased with standard cipher suites...

jsalmans by L4 Transporter
  • 3381 Views
  • 1 replies
  • 0 Likes

MineMeld-engine FATAL

Hello Folks, I recenlty ran through the MineMeld installation onto Ubuntu 14.0.4. I noticed during the installation of MineMeld a few errors or notifications showed up regarding pip and sudo as seen below: The directory '/home/eddie/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Ple...

PA-5000 series - big hit?

Among our user base ( Indeni ), the majority of PANW devices deployed globally are the PA-5000 series, mostly PA-5060, PA-5050 and some PA-5220. Anyone knows why?

YoniLeit by L0 Member
  • 3461 Views
  • 4 replies
  • 0 Likes

Resolved! Best way to allow ALL traffic for troubleshooting

Hi people, I want to troubleshoot a connectvity issue.... typical problem where server guy says "it's a firewall issue". Can anyone suggest what's the best way to allow all traffic? I was thinking of traffic from my source (10.0.0.0/8) to destination B10.1.0.0/8) but use Application: ANYService: ANYlog both start and stopturn off virus checking...

Jedi_D by L2 Linker
  • 4159 Views
  • 2 replies
  • 0 Likes

URL report top 100 with browsing time

Hi All, i was trying to get as close as possible to bluecoat report that able to provide1.URL visited2.URL category3.Browse time4.User So the closest i can get is URL report with counts, but not browse time, secondly i can get Traffic logs with elapsed time, without URL info. is there anyway i can mix them with api function? thanks in advance

MineMeld install failing on Ubuntu Server 16.04.4

Having a devil of a time installing MM. I got to the 37th task in the install but got this error:TASK [minemeld : create extensions frigidaire] **************************************************************************************************************fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["/opt/minemeld/engine/current/bin...

Abruner by L1 Bithead
  • 7182 Views
  • 6 replies
  • 0 Likes

Resolved! Management Interface not sending a frame.

I have two PaloAlto 850's in HA. I am unable to ping or reach the secondary/standby webgui. Both are connected to the same switch, when looking at the switch CAM table the secondary MGMT interface is not getting populated with the FW MAC address. Being that the switch is not recieving a frame from the FW to populate the CAM table I have tried th...

PA-220 WAN link "not configured but up"

Hello,I need to add a fiber internet line on a PA-220 router but I have an error message:: Not configured but upLink speed: 100 MbpsLink Duplex: half The physical link, the IP configuration and the fiber box are OK I suspect the "HALF" setting should be "FULL".If I configure the link "full", it comes back "half" when I reconnect the fiber box......

paloalto.jpg

How to Block a Specific HTTPS Site with URL Filtering

Hi If I want to use URL Filtering Profile to block a particular "https" website (for ex, youtube.com) do I compulsorily need a decryption profile as well? This question is partly answered here:https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-a-Specific-HTTPS-Site-with-URL-Filtering/ta-p/53840 But the example is specific t...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks