This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4126 Views
  • 0 replies
  • 0 Likes

Resolved! Cryptocurrency Mining?

Hi folks, We recently had a pen test and had positive results. We do not use URL filtering, but have everything else.However, on 12/24/2017 we can now see a reboot.txt file sitting in our Windows\temp directory on an Oracle OAM server.Luckly, Carbon Black flagged the file as it was trying to be run and denied, running from cmd.exe. We can also ...

OMatlock by L4 Transporter
  • 10077 Views
  • 16 replies
  • 0 Likes

External up but, internal Outage, Migrating Users

Hi, I am looking to explore options that in a situation when the External Edge may be "up" but, the internal resources have failed. For example, a core switch has crashed but, the firewalls and internet routers are still online. Users will connect to the gateway via GP but, no be able to access resources. What is a way to migrate users dynamical...

nicford by L2 Linker
  • 2847 Views
  • 3 replies
  • 0 Likes

Resolved! Filtering Azure IP ranges based on a subset of regions?

I'm attempting to filter the azure.cloudIPs miner based on a subset of specific regions. I've customized IPv4 aggregators to specify individual regions (as shown below), and this works correctly. However what would the syntax be to filter on multiple regions? ie, effectively something like azure_region == ['useast' or 'useast2']? I've tried a ...

mpetzold by L0 Member
  • 5935 Views
  • 2 replies
  • 0 Likes

Tag Unused Rules

How to tag all unused security policies. I'm faimilar with the "highlight unused" and > show running rule-use rule-base security type unused vsys vsys1 command. Is there a way I can then easily tag all my rules used say older than 90 days?

nicford by L2 Linker
  • 10142 Views
  • 10 replies
  • 1 Likes

Disk space again

I have gone back and forth on disk space with tac and with the live community. I had tac clean up the log files before and that didn't gain me much. I am trying to prepare for an upgrade to OS 8.x this summer and I want to make sure I do not run out of diskspace and also not break anything trying to do some clean upI guess I want to know if thes...

jdprovine by L4 Transporter
  • 7280 Views
  • 13 replies
  • 0 Likes

Resolved! How to verify firewall operational mode (fips, cc, normal)

Dear comm, when searching for operational modes you will find a bunch of guides how to change mode from normal to CC or FIPS. However I would like to know where I can check the current mode running. I know you can clearly see it when using Panorama but this is not the case here. Where can I check the operational mode on a standalone firewall? Ki...

Rboehme by L2 Linker
  • 11243 Views
  • 1 replies
  • 0 Likes

Training - Labs

Hi all I am currently doing training - Firewall Installation, Configuration, and Management: Essentials I for PAN-OS 7.0 It's not an online class. I've found it on My Learning page and I think it's good to start with. Does anybody know whether there is a chance to do some labs? If yes, how do I set it up? I just don't want to only read up on th...

How to block Android users on PAN FW

Hi Guys, Is it feasible to block the users on our PAN FW for a specific manufacture or platform , let say to block windows or MAC or Android users ? Please assist as I m new to this PAN FW ... Regards Vineet

HTTP redirect at firewall level(currently being done in IIS

I'm currently doing http redirect at the web server(IIS) and allowing http and https traffic into the web server. Is there a way to do http redirect at the firewall level and that way I only allow SSL traffic and block http coming into the web server. IS it ok to allow http traffic into the web server behind the PAN? I want to know what other ar...

msintech by L0 Member
  • 3446 Views
  • 2 replies
  • 0 Likes

Resolved! Management CPU keeps 100% usage

Hi experts, We are using PA-2020 in our environment and its firmware version is "4.1.6" PA-2020 was working smoothly but now it appears very slow process when we click commit action. We have searched and followed many reference such like 1) disable each policy logging setting (no log now), 2) execute command "debug software restart device-server...

2018-01-10_141253.jpg

MineMeld - how to prevent age out of DShield in a TAXII output DataFeed

Here is the basic setup that I'm having trouble with: Miner: dshield_blocklist: output: true prototype: dshield.block Aggregator: aggregator_dshield: inputs: - dshield_blocklist output: true prototype: minemeldlocal.aggregator_dshield Output Node: taxiiDataFeedDshield: inputs: - aggregator_dshield ...

EdwinD by L3 Networker
  • 4979 Views
  • 2 replies
  • 0 Likes

Modify application

One of the applications (a default one in the Palo Alto) sometimes connects over an other port than the defined standard port for the application. Since I defined the plicys service as 'application default', this traffic gets blocked. Its the application 'magister', which has a standard port of tcp,443 but sometimes connects over 943 & 4502....

Sjoerd by L2 Linker
  • 3941 Views
  • 3 replies
  • 0 Likes

Resolved! Difference between pkts/sec vs conns/sec

Hi All, In Zone Protection Profile, a unit of rate changed from packets/sec to connections/sec when I upgrade into PAN-OS 8.0.It sounds defferent thing, though is this only changes on GUI and nothing changes on this feature, I mean way of counts is same as before?If no, how to calcurate accurate value for 'connections'?Let's say if I configure '...

71.png
80.png
emr_1 by L5 Sessionator
  • 3911 Views
  • 1 replies
  • 0 Likes

Recommened PAN-OS as of April 2017 (Q2)

What PAN-OS are people running these days? I am currently 7.0.8 and it is time for the care-and-feeding of the firewall code at my company. I am looking at upgrading to 7.1.8 (but 7.1.9 just came out today). I do not use any SSL Decryption features. Primarily firewalling, IPSEC tunnels and GlobalProtect.

rpugh1 by L0 Member
  • 2784 Views
  • 3 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks