This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Wildfire Activity?

Hi folks, We have a Wildfire public cloud subscription, dynamic updates, and security profile configured.I've been asked, "How do we know it's doing anything?". When I look at Wildfire submissions, the last submissions are from January and end of last year.I am looking at this article and our settings, I don't think our's looks correct. Our Fil...

wildfire2.jpg
wildfire1.jpg
OMatlock by L4 Transporter
  • 3435 Views
  • 4 replies
  • 0 Likes

DAGPusher - Questions; API Key? How to specify what Dynamic address group object to apply IPs to?

Regarding DAGPusher Output node. I don't mean to hit anyone with a firehose but I have several questions I'm having trouble finding the answers to regarding the DAGPusher Output node in MineMeld. It's my understanding this node will allow MineMeld to add IPs to a Dyanmic Address Group object on a PA. Is there any documentation for this modul...

PA-User by L1 Bithead
  • 7325 Views
  • 5 replies
  • 0 Likes

DAGPusher new setup

Hello, I finished the setup of DAGPusher and DAG in Panorama. The list of indicators is populated in the MineMeld DAGPusher but my DAG in Panorama is not populated. In the MineMeld logs I can see following: 2018-02-23T14:18:23 (17217)dag._device_pusher_died ERROR: dagPusher-LIST - exception in greenlet for 10.10.10.10, respawning in 60 seconds...

pverar by L1 Bithead
  • 11299 Views
  • 10 replies
  • 0 Likes

Resolved! Custom URL matching on wrong URLs

Hi, I have a security rule that's supposed to be only allowing traffic for URLs in a custom URL category. However, it appears that it's matching lots of other URLs that aren't in the category. Below are some screenshots. I'm running v8.0.6. Let me know what other info you might need and what I'm doing wrong. Thanks. Matt Security rule showi...

mprintz by L2 Linker
  • 11404 Views
  • 13 replies
  • 0 Likes

Resolved! Verify SSL and SSH Inspection

Hello everybody.I am using the SSL Inspection over HTTP (HTTPS) service on our office GWs. I know how to set up rule bases and configure my Decryption Profile well. I have read PAN's documentations and watched a tutorial about how to configure a SSL Inspection over other desired protocols, such as SMTP/IMAPS etc. I've come to conclusion that I c...

Multiple Cisco Router IPSec tunnels to single Palo Alto IPSec Tunnel

Dear peers, I have been fighting an issue for about a month regarding issues running Cisco DMVPN behind a static 1-to-1 NAT address (VeloCloud not a Palo Alto). I am currently still trying to ascertain if this is an issue with the VeloCloud appliance (I have a ticket open with them) or moving the Cisco DMVPN solution behind a NAT. This being s...

Resolved! URL database schedule

I was going to check the update schedule of URL database but this is no longer there. Although i can see update has happened today. License is still valid. PANOS is 8.7. url-filtering-version: 20180228.20221

raji_toor by L4 Transporter
  • 5821 Views
  • 1 replies
  • 0 Likes

GP user logouts.

trying to find out if there's a list of the various messages and what they mean, particulary with 'globalprotectgateway-logout-succ'. I'm specifically trying to identify what 'Reason: remove previous login' means. I assume it means the previous session didn't close and a new session was created, like if the user's machine goes to sleep or reboot...

Resolved! How to translate IP and port from trust to trust?

My goal is to be able to reroute traffic from internal server 192.168.0.10 port 123 to other internal server 192.168.0.20 port 456 My understanding is that I do not need a u-turn nat rule since we're using internal IP addresses, however so far I've not found any rule configuration that successfully makes the translation when tested nor have I be...

Resolved! DNS Sinkhole - working or not?

I have followed the configuration guide for setting up dns sinkhole but i am not seeing the expected output in the logs. My configuration is as follows:-Client sits on a zone 'mplstrust' (internal LAN)Internal DNS Server sits on zone 'dnstrust' (internal LAN but different subnet to mplstrust zone)We have subscribed to Dynamic Updates for Spyware...

shaneo by L1 Bithead
  • 7266 Views
  • 6 replies
  • 0 Likes

Resolved! suspend passive

If you suspend a passive firewall in an active/passive HA configuration does it just mean that you have turned off HA and the active cannot fail over to the passive?

jdprovine by L4 Transporter
  • 5921 Views
  • 5 replies
  • 0 Likes

Resolved! Probably a simple question

Our product detects malware in network traffic streams (the product does not really matter here). When we generate what we call an event, we know the source/destination ip/port. We have had some customers ask for automatically putting the external (usualy the source) ip address on a block list. the list of blocked ip's will of course grow ...

Resolved! URL filtering Block List is not working properly

Hello, I have encountered an issue with some URL when I try to block them manually through the block list in URL filtering. I have blocked many URL for a client, but they can still access to some of those pages. The FW they are using is a PA-3020 with firmware version 7.0.10 and I have replicated the issue in my PA, which is a PA-500 with 7.1.7,...

SOC_CSG by L4 Transporter
  • 11383 Views
  • 4 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks