This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

About traffic-stop-on-logdb-full feature

We're receiving multiple alerts "SYSTEM ALERT : critical : Traffic and logging are resumed since traffic-stop-on-logdb-full feature has been disabled ." for one fo the device, what needs to be done ? Please advise. Thank you.

Ayesha by L0 Member
  • 7211 Views
  • 6 replies
  • 0 Likes

Issue NAT via VPN tunnel - VPN zone to Trusted zone

Hello I'm having a very similar issue with trying to configure a NAT translation from VPN to Trusted zone. In my case I'm building a VPN tunnel for monitoring using /32 ProxyIDs. My configuration VPN ProxyID is like the example below: Remote: Local:3.3.3.3/32 172.25.40.3/32 My NAT is configured as follows....

bshuman by L1 Bithead
  • 4542 Views
  • 3 replies
  • 0 Likes

File Hashes?

Does anybody know where to find the associated file hashes for files from the threat or data filtering log? I know Palo is generating file hashes on files because that's how they're determing what to send to WildFire but I can't find a file lash log anywhere. I would like to see this in the data filtering log.

r_gine by L1 Bithead
  • 5319 Views
  • 5 replies
  • 0 Likes

Resolved! Couple of issues with MineMeld 0.9.42, PanOS 7.1.11

Hi, I have a couple of problems with MineMeld (on a VM from ova template). 1. I recently seem to have lost the ability to export a system backup (which was working until recently). In the log, I can see a bunch of "GET /jobs/status-backup/.....", but the actual download never starts. [2017-10-23 16:12:19 UTC] [1971] [INFO] AUDIT - {"ms...

Problem with Panorama

Hi, I need to specify a group to access an SSL VPN.When I try to select a user or group from the agent menu in Panorama, they are not available.If I try to do the same on a physical equipment, it works.Anyone know what I can do to fix this?

BancoABC by L1 Bithead
  • 2907 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Proxy Configuration Feed Miner

Hi people! I have an issue configuring multiple jsonseqfeed miners in my local instance of Minemeld. This is the actual case: I have multiple miners getting information from autofocus. To get these to work, i had to add the proxy configuration in the /etc/default/minemeld file, no big deal.A group of colleagues, working in another project, have ...

juaniin by L0 Member
  • 3751 Views
  • 1 replies
  • 0 Likes

Resolved! Default gateway to router with two IP address

Hi, I am installing a PA-3020... the customer have a internet router which has two public IP address (190.30.40.1/24 as primary IP and 186.3.30.1/24 as secondary IP).Currently the customer have a Cisco ASA, it is directly connected to internet router, but the IP address in Cisco ASA (untrust interface) is 190.30.40.2/24 and its default gateway o...

ms-teams not working

Hello, Ms-Teams works fine when we set the Profile setting to 'none' for the policy. As soon as we set the URL filtering profile, it stops working. We have allowed the category. Also, made sure *.teams.microsoft.com is added in the Overrides>allow list. URLteams.microsoft.comCategoryComputer and Internet Info What else we can check?

Farzana by L4 Transporter
  • 10316 Views
  • 1 replies
  • 0 Likes

PA200 and PAN OS 8.0.5 is it a good idea?

Hello I got new PA200 as a RMA replacement so I have more time for upgrade. Is it a good idea to do that? I keep always to wait at least for X.0.5 since I upgraded one time to 6.0.0. and it was nightmare. Is someone using 8.0.5 on PA200? or 8.0.4? What about commit time comparation to 7.1.x? RegardsSlawek

_slv_ by L4 Transporter
  • 7119 Views
  • 7 replies
  • 0 Likes

Youtube with Restricted Mode-On

Hello, We would like to play specific videos on youtube with Restricted Mode to On. We have followed the article below but no luck. https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Allow-a-Single-YouTube-Video-and-Block-All-Other-Videos/ta-p/58944 Is there a way of allowing just that specific video to play?

Farzana by L4 Transporter
  • 2767 Views
  • 1 replies
  • 0 Likes

Virtual Router static routes

So I made the mistake of creating static routes that specify an exit interface. So now I have traffic coming into the firewall and then going out a different interface to get to other networks, rather then having that traffic hairpin back down my AE interface. So I have kind of a loop going on. So my quesiton is: Can I remove the exit interface ...

Resolved! Pattern of network vulnerability scanning coming from all over the world

In the last month or so we have seen lots of network vulnerability scanning for the following 3 Threat IDs coming from all over the world.- MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability(30426)- WebUI mainfile.php Arbitrary Command Injection Vulnerability(38836)- Wireless IP Camera Pre-Auth Info Leak Vulnerability(33556)We ...

CTW1983 by L2 Linker
  • 4011 Views
  • 2 replies
  • 0 Likes

Best Implementation of PA 8.0

Dear All Expert,Do anybody can share Best Implementation of PA-8.0 ?https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777 Best Regards,Chhayheng

Resolved! Cannot access PA-200 via Console

Greetings all, I have a PA-200, there it was previously configured and it was stored for long time, we wanted to reuse it, however, I cannot access it via console, when I connect to it nothing there in Putty just black screen. here is what I have: Console cable connected to USB-Serial( Iam sure the cable and adaptor works fine, I tested it with...

mfkoko by L1 Bithead
  • 14898 Views
  • 8 replies
  • 0 Likes

Block SSL urls for BYOD student users- Maintain Cert trust chain

Hello all... I find myself in a bit of quandary on how to deal with blocking\inspecting various SSL based urls for our student BYOD users. I realize I need to decrypt the traffic in order to take action on it... but our problem lies with how to deal with certs....and keeping browsers happy with an intact trust chain. PA support told me that I mu...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks