This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4225 Views
  • 0 replies
  • 0 Likes

CHACHA20_POLY1305 Support?

Anyone know or heard when we might get CHACHA20_POLY1305 cipher support for Inbound Decryption? I finally came across a server using it... my Enterprise Services team is setting up a Papercut on-prem server and it seems to be running multiple web services. One service is using our standard public cert we've purchased with standard cipher suites...

jsalmans by L4 Transporter
  • 3400 Views
  • 1 replies
  • 0 Likes

MineMeld-engine FATAL

Hello Folks, I recenlty ran through the MineMeld installation onto Ubuntu 14.0.4. I noticed during the installation of MineMeld a few errors or notifications showed up regarding pip and sudo as seen below: The directory '/home/eddie/.cache/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Ple...

PA-5000 series - big hit?

Among our user base ( Indeni ), the majority of PANW devices deployed globally are the PA-5000 series, mostly PA-5060, PA-5050 and some PA-5220. Anyone knows why?

YoniLeit by L0 Member
  • 3568 Views
  • 4 replies
  • 0 Likes

Resolved! Best way to allow ALL traffic for troubleshooting

Hi people, I want to troubleshoot a connectvity issue.... typical problem where server guy says "it's a firewall issue". Can anyone suggest what's the best way to allow all traffic? I was thinking of traffic from my source (10.0.0.0/8) to destination B10.1.0.0/8) but use Application: ANYService: ANYlog both start and stopturn off virus checking...

Jedi_D by L2 Linker
  • 4210 Views
  • 2 replies
  • 0 Likes

URL report top 100 with browsing time

Hi All, i was trying to get as close as possible to bluecoat report that able to provide1.URL visited2.URL category3.Browse time4.User So the closest i can get is URL report with counts, but not browse time, secondly i can get Traffic logs with elapsed time, without URL info. is there anyway i can mix them with api function? thanks in advance

MineMeld install failing on Ubuntu Server 16.04.4

Having a devil of a time installing MM. I got to the 37th task in the install but got this error:TASK [minemeld : create extensions frigidaire] **************************************************************************************************************fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["/opt/minemeld/engine/current/bin...

Abruner by L1 Bithead
  • 7268 Views
  • 6 replies
  • 0 Likes

Resolved! Management Interface not sending a frame.

I have two PaloAlto 850's in HA. I am unable to ping or reach the secondary/standby webgui. Both are connected to the same switch, when looking at the switch CAM table the secondary MGMT interface is not getting populated with the FW MAC address. Being that the switch is not recieving a frame from the FW to populate the CAM table I have tried th...

PA-220 WAN link "not configured but up"

Hello,I need to add a fiber internet line on a PA-220 router but I have an error message:: Not configured but upLink speed: 100 MbpsLink Duplex: half The physical link, the IP configuration and the fiber box are OK I suspect the "HALF" setting should be "FULL".If I configure the link "full", it comes back "half" when I reconnect the fiber box......

paloalto.jpg

How to Block a Specific HTTPS Site with URL Filtering

Hi If I want to use URL Filtering Profile to block a particular "https" website (for ex, youtube.com) do I compulsorily need a decryption profile as well? This question is partly answered here:https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Block-a-Specific-HTTPS-Site-with-URL-Filtering/ta-p/53840 But the example is specific t...

Resolved! error activating extension

Hi Guys need some help. I copied the taxii class and renamed it then i followed youtubeminer to make and extension out of it. when I install it it shows me install success and shows success in activation. but i don't see the prototype in the list. In the logs in see: loader._initialize_entry_point_group ERROR: vinamrataxii.prototypes not...

Resolved! Issues with incomplete application

Hello, I've been looking into issues I'm having with our Azure environment and RDP. Our setup is pretty nominal currently but we do have a couple of VM's that we can get into. At some point, something changed and I cannot log into specific VM's that were already setup, as well as new VM's I create. I can however log into the currently accessi...

Office 365 access issue

Hi Guys, we have a problem: if a pc is in the lan, behind the firewall, we are not able to log in to office365, but if we use an external connection it works.i don't see any log with application containing 'office'We have not decryption enabled, PA-3020 with 7.1.14 Do you have any hint?Regards,Daniele

DKanta by L2 Linker
  • 3561 Views
  • 3 replies
  • 0 Likes

Resolved! User-ID Agent installed on Domain Controller doesn't appear to be collecting event logs

Hi guys, I've installed the Palo User-ID agent on a single domain controller (8.0.906) using the Palo Networks guide below: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/user-id/map-ip-addresses-to-users/configure-user-mapping-using-the-windows-user-id-agent/install-the-windows-based-user-id-agent Our environment already has Us...

Palo Alto 5250 - Configuring HA between vsys

Hi, Is it possible to configure two physical Palo Alto 5250 in Active - standby mode while distributing the load for Vsys across both the physical firewalls. For eg.I have two physical firewalls - PA1 & PA2I have 6 vsys in each firewalls - Vsys1, Vsys2, Vsys3, Vsys4, Vsys5, Vsys6 Is it possible to have the below mentioned setup? PA1Vsys1 -...

MGRashmi by L2 Linker
  • 6161 Views
  • 2 replies
  • 0 Likes

ECMP Config for 2 Internet links Site (Dual ISP)

Hello Everyone! Site with 2 X PA500 in HA2 Internet LinksPANOS 7.1.16ISP1 - 187.190.74.22 (internet dedicated)ISP2 - 192.168.0.66 (DSL link) Config doneVirtual Router 1 - RT-LANVirtual Router 2 - RT-WAN @RT-LAN0.0.0.0/0 points to next VR "RT-WAN" @RT-WAN0.0.0.0/0 points to 1/1, next hop 187.190.74.1, metric 100.0.0.0/0 points to 1/2, next hop 19...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks