This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4440 Views
  • 0 replies
  • 0 Likes

Issue NAT via VPN tunnel - VPN zone to Trusted zone

Hello I'm having a very similar issue with trying to configure a NAT translation from VPN to Trusted zone. In my case I'm building a VPN tunnel for monitoring using /32 ProxyIDs. My configuration VPN ProxyID is like the example below: Remote: Local:3.3.3.3/32 172.25.40.3/32 My NAT is configured as follows....

bshuman by L1 Bithead
  • 4670 Views
  • 3 replies
  • 0 Likes

File Hashes?

Does anybody know where to find the associated file hashes for files from the threat or data filtering log? I know Palo is generating file hashes on files because that's how they're determing what to send to WildFire but I can't find a file lash log anywhere. I would like to see this in the data filtering log.

r_gine by L1 Bithead
  • 5460 Views
  • 5 replies
  • 0 Likes

Resolved! Couple of issues with MineMeld 0.9.42, PanOS 7.1.11

Hi, I have a couple of problems with MineMeld (on a VM from ova template). 1. I recently seem to have lost the ability to export a system backup (which was working until recently). In the log, I can see a bunch of "GET /jobs/status-backup/.....", but the actual download never starts. [2017-10-23 16:12:19 UTC] [1971] [INFO] AUDIT - {"ms...

Problem with Panorama

Hi, I need to specify a group to access an SSL VPN.When I try to select a user or group from the agent menu in Panorama, they are not available.If I try to do the same on a physical equipment, it works.Anyone know what I can do to fix this?

BancoABC by L1 Bithead
  • 3011 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Proxy Configuration Feed Miner

Hi people! I have an issue configuring multiple jsonseqfeed miners in my local instance of Minemeld. This is the actual case: I have multiple miners getting information from autofocus. To get these to work, i had to add the proxy configuration in the /etc/default/minemeld file, no big deal.A group of colleagues, working in another project, have ...

juaniin by L0 Member
  • 3831 Views
  • 1 replies
  • 0 Likes

Resolved! Default gateway to router with two IP address

Hi, I am installing a PA-3020... the customer have a internet router which has two public IP address (190.30.40.1/24 as primary IP and 186.3.30.1/24 as secondary IP).Currently the customer have a Cisco ASA, it is directly connected to internet router, but the IP address in Cisco ASA (untrust interface) is 190.30.40.2/24 and its default gateway o...

ms-teams not working

Hello, Ms-Teams works fine when we set the Profile setting to 'none' for the policy. As soon as we set the URL filtering profile, it stops working. We have allowed the category. Also, made sure *.teams.microsoft.com is added in the Overrides>allow list. URLteams.microsoft.comCategoryComputer and Internet Info What else we can check?

Farzana by L4 Transporter
  • 10373 Views
  • 1 replies
  • 0 Likes

PA200 and PAN OS 8.0.5 is it a good idea?

Hello I got new PA200 as a RMA replacement so I have more time for upgrade. Is it a good idea to do that? I keep always to wait at least for X.0.5 since I upgraded one time to 6.0.0. and it was nightmare. Is someone using 8.0.5 on PA200? or 8.0.4? What about commit time comparation to 7.1.x? RegardsSlawek

_slv_ by L4 Transporter
  • 7273 Views
  • 7 replies
  • 0 Likes

Youtube with Restricted Mode-On

Hello, We would like to play specific videos on youtube with Restricted Mode to On. We have followed the article below but no luck. https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Allow-a-Single-YouTube-Video-and-Block-All-Other-Videos/ta-p/58944 Is there a way of allowing just that specific video to play?

Farzana by L4 Transporter
  • 2821 Views
  • 1 replies
  • 0 Likes

Virtual Router static routes

So I made the mistake of creating static routes that specify an exit interface. So now I have traffic coming into the firewall and then going out a different interface to get to other networks, rather then having that traffic hairpin back down my AE interface. So I have kind of a loop going on. So my quesiton is: Can I remove the exit interface ...

Resolved! Pattern of network vulnerability scanning coming from all over the world

In the last month or so we have seen lots of network vulnerability scanning for the following 3 Threat IDs coming from all over the world.- MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability(30426)- WebUI mainfile.php Arbitrary Command Injection Vulnerability(38836)- Wireless IP Camera Pre-Auth Info Leak Vulnerability(33556)We ...

CTW1983 by L2 Linker
  • 4104 Views
  • 2 replies
  • 0 Likes

Best Implementation of PA 8.0

Dear All Expert,Do anybody can share Best Implementation of PA-8.0 ?https://www.sans.org/reading-room/whitepapers/auditing/palo-alto-firewall-security-configuration-benchmark-35777 Best Regards,Chhayheng

Resolved! Cannot access PA-200 via Console

Greetings all, I have a PA-200, there it was previously configured and it was stored for long time, we wanted to reuse it, however, I cannot access it via console, when I connect to it nothing there in Putty just black screen. here is what I have: Console cable connected to USB-Serial( Iam sure the cable and adaptor works fine, I tested it with...

mfkoko by L1 Bithead
  • 15208 Views
  • 8 replies
  • 0 Likes

Block SSL urls for BYOD student users- Maintain Cert trust chain

Hello all... I find myself in a bit of quandary on how to deal with blocking\inspecting various SSL based urls for our student BYOD users. I realize I need to decrypt the traffic in order to take action on it... but our problem lies with how to deal with certs....and keeping browsers happy with an intact trust chain. PA support told me that I mu...

Is it possible to export the private key from the forward-untrust certificate to view in wireshark ?

I want to check a specific HTTP request that is send to a webserver and which is currently blocked by one of our vulnerability checks to verify if the signature is correct.But I need to be able to view the decrypted data on the exported capture, therfor I have to import the private key of the forward-untrust certificate into wireshark....But I h...

DaxVC by L2 Linker
  • 2629 Views
  • 1 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks