This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Intrazone default- what gets inspected?

Hi For traffic that matches the intrazone default policy, and assuming there are no security profiles for anti-virus, anti-malware, threat protection. etc, Is there any inspection performed? Reason I ask- I found an article on the Knowledge base about increasing performance for SMB traffic by enabling an application override for the traffic. ...

fmurray by L1 Bithead
  • 3001 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent Ignore a group of users

Hello together, Is it possible to ignore a group of users with the User-ID Agent, and also on the firewall without the agent? I tryed to add a group ( example\Ignore User-ID ) to the ignore_user_list.txt for the Agent. But it seemed not to work. I also tryed:example\Ignore User-IDIgnore User-ID"example\Ignore User-ID""Ignore User-ID"'example\Ign...

Clermont by L2 Linker
  • 9479 Views
  • 14 replies
  • 0 Likes

VNC Access through Global protect

Hi allWe have internal server that must be accessed through VNC and HTTP.Internally it works well but when we try to connect from outside through Global Protect it is blockedAccess Policies from GP to Internal allowed. But not working.

Radmin_85 by L4 Transporter
  • 9177 Views
  • 11 replies
  • 0 Likes

VM-Series Firewall on VMware ESXi - get true link status from host NICs

Hi, I'm in the process of deploying a VM-100 under VMWare ESXi 6.5 as standalone host (not member of a VCenter). Everything has passed smoothly, however I want my V-100 network interface list to display the TRUE link status of each physical NIC port at the VMware host. (I.e. whether or not live cables are plugged in to their respctive host NICs...

SNMP monitoring for Ethernet interfaces

Hello, We are using OPManager to monitor our internal network and we are experiencing some issues with PA-VM 200 when trying to get the traffic of certain interfaces. For all the tunnel interfaces and sub-interfaces, we can see the traffic on the monitor but can't see the traffic for the ethernet interfaces. Using PAN-OS 8.0.21) Downloaded Ente...

Farzana by L4 Transporter
  • 8035 Views
  • 7 replies
  • 0 Likes

SSL Offloading for inbound connection

We have few legacy internal applications listening on a various TCP ports. Now we have a requirement to connect to these applications from a cloud vendor externally. There is no option to setup a site-to-site IPSec VPN tunnel to the cloud so we need to expose this server to internet securly. Can Palo alto act as a proxy for inbound traffic hosti...

ganees by L1 Bithead
  • 11848 Views
  • 4 replies
  • 0 Likes

Resolved! CPU/RAM/Memory Alarms in PAN-OS

Is there a feature in PAN-OS to set CPU/RAM/Memory usage exceeding threshold x% in the same way Device>LogSettings>AlarmSettings has variables to track Log DBs? This could be useful towards spinning up a new instance for the vFW to load balance to if the current vFW instance is being pushed too hard.

timgowan by L0 Member
  • 6024 Views
  • 1 replies
  • 0 Likes

O365 Category Change

Did anyone see outlook.office365.com change category today at about 18:00 GMT? We were seeing logged as computer-and-internet-info and changed to web-based-email? This is when I find out it ws planned and I've missed about a million alerts telling me this was coming....

apackard by L4 Transporter
  • 3934 Views
  • 4 replies
  • 0 Likes

How to block Spotify in Palo Alto

Hello world ! despite spotify being an awesome P2P solution for music, it has been a headache to HR management.So, we were asked to identify an way to block the usage of Spotify in our machines.What´s the way we should use in order to get it done in Palo Alto ?

evsivier by L0 Member
  • 5721 Views
  • 2 replies
  • 0 Likes

Resolved! Admin Roles

Hi I created a 'read only' admin role, simple superuser priviledges, everything set to default. when i login with RO, the HA view for example dissappears, and the commit link is still present desite it being disabled within the Admin Role profile. I'm wondering if this is because we're using ISE...? Many thanksAjaz NawazJNCIE-SEC No.254CCIE-RS N...

nawaza by L2 Linker
  • 3694 Views
  • 3 replies
  • 0 Likes

Resolved! Copy config from live PA820 to old PA500

We recently got a PA820 in live production and I'm concerned if we have a device failure that it may be difficult to take a saved config from the PA820 and import it into the old PA500. Does anyone have any experience with this? Is it even possible? How long would this take (guesstimate)? Thank you in advance!

Nickzzz by L1 Bithead
  • 4957 Views
  • 6 replies
  • 0 Likes

Resolved! Mindmeld Installation issues

Hey guys, having issues with fresh installs of Minemeld. I've had success installing it on a test virtual box however this time I'm deploying in a VMware environment. This is the message that I get. I've tried removing the packages for clean install and have tried other machines but all end with the same results. Any ideas?/opt/minemeld/engine/d...

vdnguy2 by L1 Bithead
  • 5232 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks