This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

URL Filtering category “command-and-control” missing

Hello I'd like to prepare for new category “command-and-control” I have two firewalls one with BrightCloud and one with PA url filtering database. Both with 7.1.11 PANOS and latest url filtering database but when I try to change default action for this new category I see: Do I missed something? What's wrong with my configuration could be? Rega...

2017-09-20_085752.png
_slv_ by L4 Transporter
  • 3918 Views
  • 4 replies
  • 0 Likes

Mitel Border Gateway / Teleworker

Hi all,I'm having a problem getting Mitel's Border Gateway (formerly known as Teleworker) working properly. For those not in the know... Mitel is a large VOIP phone system company and they have various addons, including a server which would typically sit in your DMZ and allow remote workers to have a handset in their home / remote location as if...

UKRB by L3 Networker
  • 7704 Views
  • 5 replies
  • 1 Likes

Resolved! Upgrading 7.1 to 8.0: New Log Storage

HiWe are upgrading to 8.0 and have noticed the cavet about new log storage in 8.0. We do not have log collectors setup, but are collecting logs in Panorama (threat and traffic only) and wonder if the existing log migration applies to these as well? Thanks in advance for any advice,Rebecca

RSporbert by L1 Bithead
  • 15205 Views
  • 14 replies
  • 0 Likes

Resolved! URL Filtering Eval License - how to remove?

Every day we get email alerts:SYSTEM ALERT : critical : License for feature url-filtering expired on xxxx/xx/xxHow do you remove the URL Filtering evaluation license??There is no option in the GUI to remove it.I could see an option in the CLI to request a license, but not remove one.(I also don't want to remove our firewall license by mistake.)

moha by L0 Member
  • 5641 Views
  • 3 replies
  • 0 Likes

Resolved! How to change a miner timeout

Hi all, A simple question, I hope. How do I change the default timeout for a certain miner - panos syslog miner in may case. I'd like to change the timeout to be 30 days, rather then an hour or so that seems to be set now. I could not find a way to make change through the GUI, I figure one of the config files needs editing? Thanks, Luca

update withdraw.png

Resolved! NAT rule to change internal IP to another on same subnet?

Hi folks, I have created a internal zone IP address I want to use as generic for FTP communications 192.168.1.9.I want to NAT this IP to our current FTP server 192.168.1.19. This way when our FTP server changes we just change our NAT rule rather than the rest of our partner companies firewalls, routes, etc. I've created a DNAT rule and able to ...

OMatlock by L4 Transporter
  • 9021 Views
  • 11 replies
  • 0 Likes

Script or custom report ?

Hi All I’m new in the world of Palo Alto, the guy in charge of this just left our company so I’m doing his task until someone else arrive One thing he had to do for audit purpose was to do a report for each palo Alto with Device stateHA StatusSoftware VersionApps and Threat versionAntivirus versionURL Filtering versionWildFire So he was getting...

Best way to integrate with panos?

There's ebl, edl, persistentdag, nonpersistentdag, etc. Limits on the number of feeds. Does anyone have a concise summary of some kind which makes picking which one of these, or combination of these, is the best route to go for integrating with panos?

chirss by L3 Networker
  • 3676 Views
  • 1 replies
  • 0 Likes

Global VPN

Hi All, Since IOS devices has issue in global vpn due to which it cannot access the DNS define in gateway when splittunneling is enabled.Due to which user cannot access certain URL so we added them in DNS suffiex , but if we want to define the domain can enabling inherit dns suffix will resolve the issue e.g URL is abc.network..com and adc.netw...

Himarya by L1 Bithead
  • 2376 Views
  • 1 replies
  • 0 Likes

Migrating Site to Site VPNs to IKEv2 & Suite B Crypto

Dears, I have multiple site to site VPN between my branches and most of them are terminated on PAN3020 and PAN-820.I want to upgrade them all to IKEv2 and Suite B Cryptography. What is the recommended IKE and IPSEC proposals when moving to IKEv2 and Suite B. Thanks.

Ammar by L2 Linker
  • 2880 Views
  • 1 replies
  • 1 Likes

Resolved! Critical License Expiration

Hi! I have a PA-VM 300, and I've got the error message "Critical License Expiration" warning.I can't seem to ping my fw interface from a directly connected host, though I have my MGT profile configured to allow ping to my internal interface. I have read somewhere that unlicensed FW can only pass the first 200 sessions, then after that it will no...

LIC errors.png

Need assistance with Certs and Firewall

I has been years since I have done anything with Microsoft CA so I am really struggling. Here is the problem: When enabling URL filtering and I am blocking a certain site that has HTTP and HTTPS, the HTTP page will present the block page, but the HTTPS does not. I am not doing any SSL Decrypt, I want to in the future but that is requiring cert...

Resolved! Certificate expired

Hello, Received following message/alert.WarningsCertificate PA Net Root CA in shared expired on Jun 3 23:26:00 2016 GMTCertificate GlobalProtect in shared expired on Jul 27 02:34:06 2016 GMTDo we need to action any renewal? If so, kindly show the steps. TIA

Farzana by L4 Transporter
  • 9696 Views
  • 3 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks