Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
jforsythe by Community Team Member
  • 27 Views
  • 0 replies
  • 0 Likes

Slow internet performance behind PA-500

I recently upgraded to a 250Mbps internet speed.

When I plug my laptop directly into the ISP router I am getting close to 300Mbps.

But behind the PA-500 firewall, I am getting around 80-90Mbps.

Firmware is 7.1.10 running in HA

 

What would cause this?

Looking for some rule guidance

Hello all,

 

I'm trying to get some access restricted to a few subnets that fall into our /16 range that we currently have in our Palo. The way it would look is we would have 2 subnets smack in the middle of the /16 that we only want to allow access to

...

Miner certificate authentication

Hello!

Could you tell me,

Is there a miner with support authentification via client certificate?

In particalur I need a JSON miner with this function.

Thanks!

KVasiliy by L2 Linker
  • 3850 Views
  • 3 replies
  • 0 Likes

Details on URL Filtering Domain Classification

We've recently launched a Palo Alto deployment on our campus and are using the URL filtering capabilities to block any URL that is classified as 'malware' or 'phishing'. We're using PAN-DB as the source for the categories and were wondering what exac

...

Resolved! Can I block malicious files sent via email ?

If my organization users send or receive emails (internal or external) with malicious file attachments , will I be able to block such emails using PAN firewall file blocking features  ? I think Microsoft O365 already creates an encrypted channel so t

...

aged out vs unknown

HI,

From some pc session end reason for dns traffic shows 'aged out'
and for some shows 'unknown'
what could be the reason
internet traffic from the pc which shows aged out are really slow
any help

Thanks

simsim by L4 Transporter
  • 12073 Views
  • 6 replies
  • 0 Likes

Resolved! Dynamic Updates from Panorama

If we have 200 firewalls connected to PANORAMA.  And we have in PANORAMA, dynamic updates set to update at midnight.  Does it fire off one at a time each firewall until its downloaded and installed on each firewall,  before moving on to next firewall

...

internet issue

Hi,

I have an issue  the internet is very slow for a vlan  10 ,

 

In my qos rule this is network class in 2 and  the another vlan  11 in the same class  has no issues .

 

And the rule number for   qos  vlan10 is 10  and for vlan 11 is 50 .

'

If any client u

...

simsim by L4 Transporter
  • 1531 Views
  • 1 replies
  • 0 Likes

Resolved! VPN IPSec No Proposal Chosen

Hi, 

I keep having issues with my IPSec sts VPN. Always have a No proposal chosen message on the Phase 2 proposal.

And then P2 proposal fails due to timeout.

I read that it could be IPSec crypto settings or proxy ID that don't match.

Proxy IDs are OK bec

...

M6P2.png
crypto.png
IPsec tunnel.png
IPsec tunnel2.png
Naelwan by L1 Bithead
  • 47654 Views
  • 10 replies
  • 0 Likes
  • 23584 Posts
  • 107 Subscriptions
Labels