General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 191 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 873 Views
  • 0 replies
  • 0 Likes

Resolved! Call API key via invoke-restmethod

Is Palo Alto's API able to accept GET requests from the PowerShell "invoke-restmethod" cmdlet which have the api key set as a variable?  I ask this because I would like to run these requests without embedding my API key in the HTTPS GET request.  Thi

...

Log forwarding "Zone Protection" ?

I can't find an up to date way to enable log forwarding for "Zone Protection" profiles.

 

I found a guide for 6.1 but its not relevent for 8.0

 

I want alerts when we get port scanned.

 

Cheers

 

Rob

SSL Decrypt and GitHub

I keep fighting this SSL Decypt issue with my PAs, its almost getting to the point where its not worth running the SSL decrypt function because it causes so many issues. I am currently having issues with people downloading a zip file from git hub. 

 

g

...

Resolved! PA is Default Deny

Stupid question. Just need confirmation.

PA (42020) devices are default deny correct?

If a packet is not specifically allowed or denied by a rule; when it gets to the bottom of the rules the default action is to deny, correct?

thanks

--CH

choff123 by L3 Networker
  • 6235 Views
  • 4 replies
  • 0 Likes

Port analyse by TCPDUMP

Hello All,

 

I would like to capture packet by tcpdump on other interface than management interface.

How can do it ? (please explain more detailled as possible).

 

Thanks for your help.

GB.

Global Protect and Bandwidth Considerations

Looking for feedback on what you all have experienced with GP VPN for a user count of over 2k users. 

 

Specifically what type of INet circuits that were needed.  What was the amount of bandwithd which was seen on the circuits?  Finally, is there any s

...

Resolved! App-ID Mismatch for symantec-endpoint-manager

Is there any experience with 'symantec-endpoint-manager' over tcp/8014 being mis-identified as web-browsing?

 

We have a 5260 firewall in a datacenter environment, with hosts that need to access a Symantec-Endpoint-Server for AV updates.  Clients acces

...

chrislss by L1 Bithead
  • 4409 Views
  • 4 replies
  • 0 Likes

Global Protect logging out right after it logs in

On the PAN 5020 I can see in logging that user successfully authenticates with MFA and radius but within a second it says the user has logged off. I know that in fact the user did not log off. I hope to grab some logs at the client next week. But I f

...

Resolved! Best practice for windows 10 updates about QoS policy

Hi, all.

 

Recently, one of our company's valuable customer request the solution about QoS policy.

 

The customer's QoS policy was Application 'ms-update' Services 'application-default'

This policy applied well in Windows 7 environment.

 

However, the probl

...

30 Day Trial License Expire

Hi guys,

We have been used 30 Days trial ULR Filtering License so far.

After 30 days, it means expired, We couldn't use it naturally.

and I tought it may can use old db version-url filtering- even though It won't get any update information as like norma

...

image.png
Kang_Han by L1 Bithead
  • 3913 Views
  • 3 replies
  • 0 Likes

Application issues Via VPN with Peer

Hi Guys,

 

I need some help dealing with CyberAck over VPN. The problem is that I created and established a VPN with a remote peer for CyberAck traffic. Service is Any but application is default. Traffic is allowed via the firewall but I get an error (

...

GlobalProtect and Microsoft NCSI

When users are connected to GP they are unable to search online templates from both word and visio.

it works OK when connected to LAN and we have a test policy that allows all outgoing traffic for myself and I still cannot search the online templates

...

Mick_Ball by L7 Applicator
  • 4424 Views
  • 3 replies
  • 0 Likes

How to configure PA with an MPLS circuit

I am looking for documentation on using MPLS with my PA 3050. I have found community article 59127 but was hoping for more information.

 We are about to aquire an MPLS circuit from our ISP for a remote office. The remote office will have seperate VLAN

...

Bvance by L2 Linker
  • 6601 Views
  • 2 replies
  • 0 Likes
  • 24007 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Posts
Top Liked Authors
Labels