This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

OSPF and Cisco Routers

Greetings all, I was doing some Core routing work during an outage this last week and ran into a repeat of some issues we had when we initially put our PAN boxes in to place. The original scenario: A subinterface existed on the Palo Alto with the tagging set for a point-to-point vlanThat vlan connected the Palo Alto directly to a Cisco 4500-X V...

jsalmans by L4 Transporter
  • 6724 Views
  • 2 replies
  • 0 Likes

Resolved! NAT Security rule

I'm used to working on Cisco ASA and I'm having a hard time understanding why the security rule states Untrust-L3 for both the source and destination zone. Typically wouldn't that be Untrust-L3 to DMZ? Is there a specific reason for this behavior?

Screen Shot 2018-01-06 at 6.57.18 PM.png
Glitchen by L0 Member
  • 2875 Views
  • 2 replies
  • 0 Likes

DNS proxy not working

Hello, We are currently getting resolve-fail events for DNS. Failed to resolve domain name: after trying all attempts to name server(s): 8.8.8.8 8.8.4.4DNS server is in loopback.2 Interface/Untrust/IP:203.44.x.x Below are some pics of DNS proxy settings, session details. Can someone please shed some light what are we missing?

sessiondetails.jpg
DNS Proxy.jpg
Farzana by L4 Transporter
  • 5791 Views
  • 3 replies
  • 0 Likes

A Fall/Autumn Question: What is your favorite Palo Alto Networks feature?

A wrap of our summer question leads into fall or autumn, as your preference may be, wherein we ask: What is your favorite Palo Alto Networks feature? Did it help solve a problem you were facing? As a former support engineer, I always like to hear when customers arrive at that a-ha moment of understanding or discovery, when the firewall does ...

jdelio by L7 Applicator
  • 20130 Views
  • 25 replies
  • 3 Likes

Outlook and Global Protect

In the past when our users disconnected Global Protect, Outlook would disconnect immediately. Seems like this no longer the case. When GP is disconnected Outlook continues to work. I'm wondering if anyone has every eperience this before? Thanks

berket13 by L0 Member
  • 3454 Views
  • 4 replies
  • 0 Likes

Resolved! Expressway-E and C and NAT and VW

Hi, I have deployed Expressway (cisco ToIP) E and C as per the diagram below .PA is in VW mode .Does it work without any changes in the PA ? Or Is there any policy must be created ? Thanks

PA.png
simsim by L4 Transporter
  • 2978 Views
  • 1 replies
  • 0 Likes

Resolved! How to escape special characters (i.e. colon) in miner rule

Hi, I have a rule for Panos syslog miner to block FTP brute force login attempt that is not working. I suspect this is because the threat_name has a colon in it, and is not being parsed properly. This is what my rule looks like: conditions: - type == "THREAT" - log_subtype == "vulnerability" - severity == "high" - src_zone == "WAN" - dest_...

Response Page Issue

https://mail.yahoo.com (web based email) and https://web.tresorit.com (online storage and backup) are both blocked via url category filter as per screen shot. But... I am only getting the response page for mail.yahoo.com.web.tresorit.com just gets page cannot be displayed. the policy is working as expected but i need the response page for the ...

URL-Block.png
Mick_Ball by L7 Applicator
  • 2493 Views
  • 2 replies
  • 0 Likes

IPSEC VPN Tunnel Failover and Nexus 7K VPC Design

Hello, A and B question: A. We have two Palos in A/S. The active has a functioning IPSEC VPN tunnel terminated to it. Is there any way to have the tunnel renegotiate to the S when it becomes A? B. What is the proper way to design an A/S PA/Nexus 7k VPC environment, to best utilize the advantages of VPC technology? Thank you

Halloween challenge: take your shot at winning a Live Community hoodie!

In the wake of the success we had at the Live Community booth at Ignite2017, I'd like to start a new tradition and what better time to have a little fun than Halloween? So I'd like to challenge you guys and girls of the Live community to either flaunt your 1337 h4x0r skills at integrating into something odd/fun/weird, or just be quirky and try f...

reaper by Cyber Elite
  • 5220 Views
  • 4 replies
  • 2 Likes

Resolved! LDAP group member enumeration problem

I am running PAN OS 8.0.7 and having a problem with getting the members of a group enumerated by the firewall. The group is shown by the firewall in the GUI and can be added to security policies, and the CLI if I run the "show user group list" command, I can see the group in the list that I have added to the Group-Mapping settings.The problem is...

rbentley by L0 Member
  • 4453 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks