This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4477 Views
  • 0 replies
  • 0 Likes

Resolved! Probably a simple question

Our product detects malware in network traffic streams (the product does not really matter here). When we generate what we call an event, we know the source/destination ip/port. We have had some customers ask for automatically putting the external (usualy the source) ip address on a block list. the list of blocked ip's will of course grow ...

Resolved! URL filtering Block List is not working properly

Hello, I have encountered an issue with some URL when I try to block them manually through the block list in URL filtering. I have blocked many URL for a client, but they can still access to some of those pages. The FW they are using is a PA-3020 with firmware version 7.0.10 and I have replicated the issue in my PA, which is a PA-500 with 7.1.7,...

SOC_CSG by L4 Transporter
  • 11609 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple VPN Issue For FortiClient VPN & GlobalProtect VPN

Hi Support Our Client is using use FortiClient VPN to connect to their servers and get internet access. Also, they use GlobalProtect. When users who are using both the VPNs simultaneously lose internet access when enabling the GlobalProtect VPN. I’m presuming there is a setting somewhere that needs updating to allow this?

NavidAlam by L3 Networker
  • 13538 Views
  • 1 replies
  • 0 Likes

Resolved! Security Policy using URLs?

Hello community.Let's say I have an Atlassian Confluence site that needs to be accessed by a user (or multiple) - is it possible to specify down to the URL to only give the user access to a given set of pages? Confluence permissions only allow me to give access to entire spaces. Could be advantageous to allow a general user not tied to a specifi...

Idenfiy number of connection of per zone with or without snmp

Dear All, I need to configure zone protection, how to find the number of connetion per second for each zone. I tried with "show session info" and i can see "new connection establish rate" but i need to take the average for 2 or 3 weeks.So if its on the snmp which ouid i have to use to monitor or any other method to identify the con...

Resolved! Incoming Traffic from Palo Alto IP Address

I have a customer who asked about traffic which he saw on his Firewall.I looked in firewall logs from several others customers and find the same IP address. It is always a HTTP oder HTTPS connection. The traffic is coming from the 70.42.131.170. According to several internet sources this IP address belongs to PaloAlto Networkshttps://whatismyipa...

Resolved! IPS Signatures

Hello friends, I have some signatures with fortigate names and I neet to know the equivalence in Palo Alto, by the CVE Palo Alto dont indentify it, could anyone help me? web_app3: Narcissus.Image.Configuration.Remote.Command.ExecutionCVE-2015-1579 CVE-2014-9734applications3: Ektron.XSLT.Transform.Remote.Code.ExecutionCVE-2012-5357applications3: ...

Website Down??

Can't get to the main website, it briefly worked but was useless as it only had CLOUD event stuff on it?? Can't get to support site either? "Live" works Various chcek sites say the same, DOWN.

Resolved! PAN-OS 8.0.8 - use region in policy based fowarding rule

Hi community! I would like to know, if it is possible to use a region-object as destination address in a Policy-based-forwarding-rule?I found an articel from 2014 ("Policy Based Forwarding PBF based on destination country or self defined region?") that says it is not possible.Since it is a couple of years old, the PAN-OS version mentioned in tha...

Resolved! How to find log user-local database

Hi all, I would like to know it can be to find log file user-local on Palo Alto which I can just see useridd.log and useridd.log just see user-id and user-id agent but not user-local, please suggest me. Thank You

Resolved! FileBlocking only one way or ip ?

Hi, iam new to the PA product line and trying to figure out stuff in my pa220 before i release them to production. In one of the scenarios presented; there was a request/question - is it possible to allow users to upload files to a share from one specific ip range and then deny that very ip range to download any type of files from that share ? A...

IMG_4022.jpg

Resolved! Agentless or User-ID Agent?

Hi,In my environment, we have several domain controllers around the world across MPLS. In order for users to go out to the internet, they must have an AD account in a certain AD group. This seems to work just fine....but recently we've had a few issues where the user will lose connection to the internet. When we look in the logs, the user's User...

PA 5050

I heard that the PA 5050's are going end of life in 2020 so why did they sell me premium support to July 2020? Do I loose what I bought or do they honor it till the expiration?

jdprovine by L4 Transporter
  • 3834 Views
  • 5 replies
  • 0 Likes

Resolved! How to block Geo IPs for some services?

Hi,i have a ssh Service connected via the internet.But i would like to filter a bit, because there comes often automatical scans from china IPs and so on.The devices who connect to the port 22 have a dynamic ip so i cant set a static source.But i know that these connections comes all from france dynamic ip adresses. So how can i configure it, th...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks