This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 3401 Views
  • 0 replies
  • 0 Likes

Disabling BYOD VPN when not conncected.

For security of my personal device, I'd like to verify how to fully disable the BYOD VPN software when I'm not connecting.

 

Also, I'd like to verify how can I be sure I'm running the BYOD version and not some version that has spyware capability?

Resolved! Panorama traffic invisible

PAN(VM) and PA1 management interfaces are both Zone A.

 

PA1 connects to PA2(remote site) on IPSEC tunnel. Traffic from PA2 on PA1 is considered in Zone A and viceversa on PA2 for traffic from PA1. 

 

If i do packet capture on either PA, I can see there

...

raji_toor by L4 Transporter
  • 5078 Views
  • 6 replies
  • 0 Likes

How to block unknown machines from traversing the network

Hi all. My question is how can I create a rule that blocks traffic from a computer I brought from home as opposed to from my work domain? 

 

I want to be able to see people that bring their own devices onto the network and then block access to the netw

...

Roshawn by L2 Linker
  • 7634 Views
  • 10 replies
  • 0 Likes

Resolved! Syslog miner indicator

Hi, i'm trying creating a indicator for SLW injections events , extract src_ip and insert into 

 

Down below the code attached to the syslogminer class stdlib.syslogMiner , unfortunaltely validate process reports errors with the only suggestions "Con

...

Is it possible to monitor PBF rule status via SNMP?

Hi-

 

Is there a way I can get our PA-220 to alert our SNMP monitoring system when a Policy Based Forwarding rule fails/activates?

 

I've set up SNMP on the firewall, added a device entry in our PRTG monitoring system, and set PRTG to automatically detec

...

IPSEC Tunnel messages and failure

On Weelkend, one of our tunnels was down for about an hour. I was checking system logs and found these messages repeatedly for that tunnel, even after it is up. Anybody knows what this means and what to look for in logs to find the cause of tunnel fa

...

raji_toor by L4 Transporter
  • 9755 Views
  • 7 replies
  • 0 Likes

Google Safebrowsing miner

Google has a threat list api, has anyone created a miner for it?

 

https://developers.google.com/safe-browsing/v4/lists

chirss by L3 Networker
  • 5840 Views
  • 5 replies
  • 0 Likes

Resolved! Does the PA-200 support the latest code of 8.0.2 ?

 Hello, need to know if the  PA-200 supports the latest version of 8.0.2  i am on the fense on getting one  but am concered it may not be handle the latest code , also if not which PAN is the next best thing  recommended for home/small business that

...

Resolved! Wie starten mit PA220 und 8.0

Hallo,

 

ich suche ein Start Tutorial in welchem einfach erklärt wird, wie man mit der PA220 startet. Also dieser Beginner Guide hab ich schon, IP vergeben etc. Aber nun welche Regeln sind Empfehlungen, wie blockiert man diverse URLs? Wie baut man eine

...

High availability failover due to high dataplane usage

our internet went down a few weeks ago when our primary PA failover to a secondary PA. We found out, after doing some research and investigative work, that this was due to the amount of new session created, which cause the PA to use the slowpath and

...

mmbengue by L0 Member
  • 3869 Views
  • 2 replies
  • 0 Likes

How do I fix this?

Trying to connect PA-500 to user id agent on domain member server and keep getting this from the agent ID app log.

 

10/02/17 18:33:09:959[ Info 1219]: New connection 10.100.20.20 : 33369.
10/02/17 18:33:09:975[ Info 1292]: Device thread 1 with 10.100.2

...

selfsignedcert.PNG

Resolved! How can I get the available VSYS in PaloAlto Firewall?

Hi everyone,


I'm develping an automatic software to get configure data from PaloAlto firewall. I need to know if a firewall is virtualized (I already know how to get this info) and, if the firewall has one/more than one vsys, I want to know these vsys

...

Resolved! How to find a IP range by DMZ?

I am trying to find a range by DMZ. For example in ASA we can show-

show route | inc 10.10.10

and it will show the DMZ where that route belong.

 

Is there a way to find that in PAN OS 7.1?

sarif5 by L0 Member
  • 2742 Views
  • 1 replies
  • 0 Likes
  • 24296 Posts
  • 122 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks