This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Resolved! How to find log user-local database

Hi all, I would like to know it can be to find log file user-local on Palo Alto which I can just see useridd.log and useridd.log just see user-id and user-id agent but not user-local, please suggest me. Thank You

Resolved! FileBlocking only one way or ip ?

Hi, iam new to the PA product line and trying to figure out stuff in my pa220 before i release them to production. In one of the scenarios presented; there was a request/question - is it possible to allow users to upload files to a share from one specific ip range and then deny that very ip range to download any type of files from that share ? A...

IMG_4022.jpg

Resolved! Agentless or User-ID Agent?

Hi,In my environment, we have several domain controllers around the world across MPLS. In order for users to go out to the internet, they must have an AD account in a certain AD group. This seems to work just fine....but recently we've had a few issues where the user will lose connection to the internet. When we look in the logs, the user's User...

PA 5050

I heard that the PA 5050's are going end of life in 2020 so why did they sell me premium support to July 2020? Do I loose what I bought or do they honor it till the expiration?

jdprovine by L4 Transporter
  • 3770 Views
  • 5 replies
  • 0 Likes

Resolved! How to block Geo IPs for some services?

Hi,i have a ssh Service connected via the internet.But i would like to filter a bit, because there comes often automatical scans from china IPs and so on.The devices who connect to the port 22 have a dynamic ip so i cant set a static source.But i know that these connections comes all from france dynamic ip adresses. So how can i configure it, th...

Resolved! Recover from Split Brain PAN OS 8.0.6 (PA3020)

Hi Community, i have two PA3020 in an A/P HA deployment.The cluster is virtualized with 2 VSYS - one for comany A and one for company B.Between the companies, the coreswitches are linked with 20GBit. (a kind of dark fibre - 500 meters) The 3020 HA setup manages both companies. VLANs for both companies are configured on both cores to ensure a cle...

Resolved! Global Protect VPN Unique ID's and one user allowed

Hello all, I have a requirement for the following and short of any draconian methods, I'm hoping that the PA GP will be able to answer. These are PAN8.0.7 on 5520's in Active/Passive I have a req to ensure that a user of GP is only allowed one GP session at a time. No sharing sessions or passwords. Options explored inlude a unique ldap group ...

Intrazone default- what gets inspected?

Hi For traffic that matches the intrazone default policy, and assuming there are no security profiles for anti-virus, anti-malware, threat protection. etc, Is there any inspection performed? Reason I ask- I found an article on the Knowledge base about increasing performance for SMB traffic by enabling an application override for the traffic. ...

fmurray by L1 Bithead
  • 3035 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID Agent Ignore a group of users

Hello together, Is it possible to ignore a group of users with the User-ID Agent, and also on the firewall without the agent? I tryed to add a group ( example\Ignore User-ID ) to the ignore_user_list.txt for the Agent. But it seemed not to work. I also tryed:example\Ignore User-IDIgnore User-ID"example\Ignore User-ID""Ignore User-ID"'example\Ign...

Clermont by L2 Linker
  • 9657 Views
  • 14 replies
  • 0 Likes

VNC Access through Global protect

Hi allWe have internal server that must be accessed through VNC and HTTP.Internally it works well but when we try to connect from outside through Global Protect it is blockedAccess Policies from GP to Internal allowed. But not working.

Radmin_85 by L4 Transporter
  • 9301 Views
  • 11 replies
  • 0 Likes

VM-Series Firewall on VMware ESXi - get true link status from host NICs

Hi, I'm in the process of deploying a VM-100 under VMWare ESXi 6.5 as standalone host (not member of a VCenter). Everything has passed smoothly, however I want my V-100 network interface list to display the TRUE link status of each physical NIC port at the VMware host. (I.e. whether or not live cables are plugged in to their respctive host NICs...

SNMP monitoring for Ethernet interfaces

Hello, We are using OPManager to monitor our internal network and we are experiencing some issues with PA-VM 200 when trying to get the traffic of certain interfaces. For all the tunnel interfaces and sub-interfaces, we can see the traffic on the monitor but can't see the traffic for the ethernet interfaces. Using PAN-OS 8.0.21) Downloaded Ente...

Farzana by L4 Transporter
  • 8552 Views
  • 7 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks