General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 199 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 881 Views
  • 0 replies
  • 0 Likes

Cybersecurity Thoughts

Hi,

I have recently read many Plao Alto and TrendMicro research articles, predictions and reports on subject of cybersecurity. Regardless of personal opinion there are possible catastrophic results that could happen in case of abuse of certain sectors

...

WillAlt by L1 Bithead
  • 2655 Views
  • 1 replies
  • 0 Likes

Resolved! pa200 two interfaces in same zone

hi everyone,

 

we have a pa200 with three L3 interfaces currently in use:

 

eth 1/1 - untrust - dynamic ip

eth 1/2 - trust - 192.168.18.1/24

eth 1/3 - dmz - 10.10.10.254/24

eth 1/4 - currently unused

 

Now we would like to configure eth 1/4 just like eth 1/2,

...

Resolved! Latency on Internal Interface

Hello,

 

Using PAN-OS 8.0.7. When we ping a trusted interface, we see latency up and down. Any clues?

 

root@test-machine:~# ping 10.2.2.100
PING 10.2.2.100 (10.2.2.100) 56(84) bytes of data.
64 bytes from 10.2.2.100: icmp_seq=1 ttl=63 time=3.46 ms
64 bytes

...

Farzana by L4 Transporter
  • 19939 Views
  • 9 replies
  • 0 Likes

UserID Factor Completion Time - Bad Data

We are seeing some random UserID entries being fed into our firewall that have a Factor Completion Time of "1969/12/31 19:00:00"; these always have a timeout of "0" so effectively kill the user mappings for that user.

 

Has anyone seen this before?  We

...

apackard by L4 Transporter
  • 4062 Views
  • 3 replies
  • 0 Likes

Zone protection - alert only

I have been investigating zone  protection and DoS protection for awhile now and I think I would have already implemented it if you could configure all the settings to alert when you begin testing.  

jdprovine by L4 Transporter
  • 3626 Views
  • 7 replies
  • 0 Likes

Resolved! pan-os 8.0 ntp not sync

Hi,

 

I have a problem with test VM-300, NTP not sync and use local clock.

But if i try to set timezone - clock set not correct

 

 

>show ntp

NTP state:
NTP not synched, using local clock
NTP server: 178.124.164.107
status: rejected
reachable: yes
authentication

...

SSergey by L1 Bithead
  • 9399 Views
  • 4 replies
  • 0 Likes

Resolved! How to configure a specific event to be sent via email

Hi Guys,

How would I go about configuring my PA to email me everytime another device with the same IP address of the Palo Alto joins the network, please? I didn't want anything else to be emailed to me, just that particular event. I remember I was abl

...

sonivEX by L0 Member
  • 2622 Views
  • 3 replies
  • 0 Likes

H/A Clustering Query

Hi,

 

I have a query regarding H/A clustering, I potentially have a requirement for H/A clustering with 3 firewalls and not just 2 (i.e. Active/Standby or Active/Active).

 

I believe that presently a 3 firewall cluster is not currently supported however

...

Data Plane high PA - 5020

i have problem about data plane, and the TAC say : packet rate is high, but i cannot find, how much PA-5020 can handle packet rate maximum.

i use command "show system statistic sessio" packet rate is 130K - 150K and dataplane 77% at 11:00 AM, but i se

...

Block recently registered domains

Is anyone successfully blocking domains that have been registered recently (last 30 days)? My testing has shown in the last three days, 380k domains have been registered. My PA-3020 capacity for External Dynamic Lists only supports a total capacity o

...

ASCIT by L2 Linker
  • 4223 Views
  • 5 replies
  • 0 Likes

Resolved! Download PAN-OS from GUI failing, potential MTU Problem ...

Ok folks

 

Here's an interesting one for you.

 

This is to do with connectivity between Panorama and updates.paloaltonetworks.com

 

We can retrieve licence info and download list of updates available for downloads (SW and Threats), but when clicking on dow

...

nawaza by L2 Linker
  • 3247 Views
  • 3 replies
  • 0 Likes

Resolved! Zone protection show wrong severity

We are doing a lab and making test attacks and see if the PA can detect them, we have an interface in tap mode and it is doing the span, we did all the configurations in a PA-200 but when we lunch brute force attacks or sql injection,  the logs shown

...

RCastro by L1 Bithead
  • 2596 Views
  • 3 replies
  • 0 Likes

Dynamic NAT

We are moving NAT from the routers to the firewall (5050), the routers do not release the session's efficiently so we are constantly running out of IP's in the pool. Is there a rule of thumb for the number of IP's to sessions on a PAN 5050? We run at

...

GFN182 by L2 Linker
  • 2187 Views
  • 2 replies
  • 0 Likes

Best Practices of log filter

Hello,

 

 

As a network admin, when user escalates that he cannot access some specify website, what's the best way to find the property log which was triggered by use's browsing activity?

 

Of course we can apply filer as "username", but even though, we w

...

qd_056 by L2 Linker
  • 3796 Views
  • 5 replies
  • 0 Likes
  • 24014 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels