This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Incomplete traffic: custom appID and QoS

Hi,

 

I have traffic generated by Solarwinds NetPath probes that is tagged by the firewall as "incomplete".

 

I run a packet trace, and after the handshake, there are only TCP-keep-alive packets.  I'd like to prioritize this traffic in QoS, currently I'm

...

Sophos Central firewall rules question

My company is trying to implement  Sophos central throughout our network.


All clients need the access listed in the article below.

 

https://community.sophos.com/kb/en-us/121936

 

Currently Sophos central doesn't support the proxy solution we use.

 

what is

...

njuttner by L1 Bithead
  • 5326 Views
  • 8 replies
  • 0 Likes

Resolved! Decryption Policy Rule - Profile is None

With my new employer I'm managing a 3050 unit with a couple of Decryption Policy Rules which are configured to decrypt using SSL Forward Proxy. The Decryption Profile under Options is set to None. I can't find what the behaviour is when the decryptio

...

Resolved! Content update 709 revoked?

All firewalls automatically downgraded content version from 709 to 708. Was 709 revoked? Anybody else having the same behavior?

Anon1 by L4 Transporter
  • 5163 Views
  • 8 replies
  • 0 Likes

GlobalProtect commit fail on PAN-OS 7.0

help me please.

config ip pool for client access but commit fail

commit log message

Operation CommitResult Failed
Detailsmissing ip pool from both dynamic ip pool and authentication server ip pool for config 'default' in gateway GP-Gateway (tunnel GP-Gat...

Dent by L1 Bithead
  • 4967 Views
  • 5 replies
  • 0 Likes

Detalied url log

Hi all!

i'm new in this community and we have put in work 2 PA-3020.

I configured ELK for log forwarding.

i've search every log and i couldn't find a filed with the url theat a user is visiting. Is there a way to achieve that.

Example! Now i'm writing fr

...

Matteo by L1 Bithead
  • 2781 Views
  • 3 replies
  • 0 Likes

Internal traffic is hitting in the isp firewall

Palo alto is perimeter to customer which is connected to isp firewall.

Internal subnet traffics which are not allowed in isp/ untrust interface are hitted in isp firewall.
Routing is proper. ARP is proper in isp interface( only next hop arp is there)

Im...

Resolved! MP utilization high after the HA failover to primary

When Secondary Firewall became active, management plane utilization is not more than 10% for over months.

Last week manual failover made, Primary is active now. MP utilization is above 60% all the time.

 

All the configurations are same as it's in HA. B

...

Resolved! Panorama question

Why is it for 

 

network / interface / <some interface>

 

I can't use a name for a zone.

 

I wanted to have a template that had all of my zones in it, but unlike policies and objects there is no shared attribute.

 

Which means I have recreate my zones for ea

...

PA-220 Aggregate Interface with LACP supported?

Hi,

 

I need to confirm whether the PA-220 is able to aggregate 2 interfaces or more in a LAG (LACP).

 

I was able to find out that the PA-200 does not support aggregating interfaces with LACP, but the PA-220 is rather new and I have not been able to fin

...

Web Filtering and Reporting

I have been tweeking reports on these Palos we purchases (3020) and trying to find a good Web Browsing/Filtering report to provide for senior management that will encompass top xx users with most visited external sites, preferrably with the duration

...

What services are used by the Management port?

We have been tasked to follow the CIS benchmark for our Palo Alto firewalls. One item is to limit access to specific IP addresses for the Management port. That is easy enough if the only thing using the management port was users connecting to manage

...

kjsocher by L0 Member
  • 2102 Views
  • 3 replies
  • 0 Likes
  • 23660 Posts
  • 104 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks