This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4464 Views
  • 0 replies
  • 0 Likes

OSPF adjacency flapping - normal?

While trying to track down the cause for 3 recent Internet outages we've experienced at one of our schools (which we still haven't determined the cause to yet), we've noticed that our OSPF adjacencies are flapping up and down across the district. Multiple times per day, across multiple sites, going back to the beginning of last month (that's as...

fjwcash by L4 Transporter
  • 22572 Views
  • 21 replies
  • 0 Likes

Resolved! URL block message

We are getting this message, when opening websites sometimes. My suspect is the unknown category which was set to be blocked recently. But i don't know what is the source page of this message and it is the same message everytime, with business name on top of it. Although it has nohing to do with streaming. I have seen this message before too but...

image.png
raji_toor by L4 Transporter
  • 7402 Views
  • 4 replies
  • 0 Likes

Resolved! Permissions of user-ID service account for wmi and netbios probing

Hi All As I know to read the logs from DC, "Event Log Readers" permission is required for service account. For WMI probing to clients, I need all below (please correct me if I am wrong) 1- Service account permission should be "Server Operators" in AD to read the CIMV2 namespace on the client systems2- Give proper permission to the service accoun...

Resolved! Office 365 Powershell Decryption Error

I'm testing decryption on our PA-3020 and have found my Office 365 Powershell licensing script is failing to connect with the following error message: New-PSSession : [ps.outlook.com] Connecting to remote server ps.outlook.com failed with the following error message :WS-Management cannot process the request. The operation failed because of an HT...

OID for PA 850

Hi Team please advise if there is any link to refer for IOD for PA 850 , the below link shows information for OID of all the models but not for PA 850 https://live.paloaltonetworks.com/t5/Management-Articles/SNMP-for-Monitoring-Palo-Alto-Networks-Devices/ta-p/61052

Rameshwar by L3 Networker
  • 2770 Views
  • 1 replies
  • 0 Likes

Resolved! No of User ID agents for HQ and sites

Hi All My network topology is like I have HQ with PA-7050 firewall and 3 domain controllers in HQ. I have 22 branches with local domain controller in each branch and firewall is PA-3050. Now I want to deploy user-ID agent, In my scenario what is the best way to deploy user-ID agents. I am thinking below: - Deploy one user-ID agent (with backup) ...

using HTTPS external dynamic lists

Dear All, We are using the version 7.1 and would like to use HTTPS external dynamic lists.But it doesn't seem to work. Is there any additiontal required config to enable this? I believe it requires a username and password for list access from the version 8 but no idea how it works in the version 7.https://www.paloaltonetworks.com/documentation/8...

Bomi by L1 Bithead
  • 2530 Views
  • 2 replies
  • 0 Likes

Resolved! Same vulnerability profile for dns and web servers security policies

Hi I am wondering, firewall does not have the option to make vulnerability protection profiles based on signature categories like vulnerability signatures for dns server and web server and then used them in security policies realted to dns only or web server only. in firewall, I can see I have just only one vulnerability protection profile and u...

nat-t not enabled on vpn tunnel has impact on other tunnels

i just had a weird behavior. i have several ipsec tunnels for clients using the ncp secure entry client.they all have tunnels configured with certificates and a dynamic peer ip. yesterday i created two new tunnels but forgot to check the nat-t checkbox. and some of the users couldn't get a connection via rdp. my understanding was that it shouldn...

VARNObit by L0 Member
  • 3796 Views
  • 2 replies
  • 0 Likes

Normal behavior of LACP in passive/active HA setup.

Hi, I would just like to verify the normal behavior of LACP in an Active/Passive HA setting. Currently we have a pair of PA-3060 running 6.1.10 in active/passive. Both devices have LACP bundles towards a Cisco router.On the active firewall the LACP negotiates properly but on the passive firewall the interfaces shows up but doesnt negotiate the L...

Timeout value of user-ID log

We are using ldap authentication and globalprotect.In the above picture, the timeout value continues to be 2592000 and 0 time out 2952000 and 0 , what does that mean? Why does it look like above? Please let me know.

image.png
jskang by L1 Bithead
  • 4953 Views
  • 1 replies
  • 0 Likes

NAT and security policies

Hi all. I am trying to setup a ADFS environment in our network. The actual ADFS server is located in the internal LAN, and the ADFS Web Application proxy is reside in the DMZ; internal LAN and DMZ is in a different VLAN. The goal is to send user authentications (orginiated from the Internet) to the ADFS web application proxy, and from there i...

EDLs

Can we group EDLs?Once the url is fetched and content is read by the firewall and later the url is deleted, does firewall keep the cache of contents?can firewall detect redundant entries?

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks