This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4238 Views
  • 0 replies
  • 0 Likes

Resolved! Adding Virtual Systems (VSYS) to production PA-3020

I have run out of Zones on my PA-3020 and can't justify purchasing a 5020 so I am exploring the addition of VSYS license on the 3020.What am I going to be getting myself into if I need to go this route and add the VSYS licensing? Will it break my existiing config, require a migration of some sort or require a major reconfiguration of everything?...

Anyone have a good list of Azure IP addresses?

Our developers have websites in the Azure cloud, which make calls in to servers internal to our network. I am trying to keep a limit to what Azure IP addresses I allow access in, but it becomes a game of whack-a-mole each time the IP changes and I have to add it to a rule. Does anyone have a list of what Azure ranges are and where they are located?

Limited Role to disable GP

We are using GP in an always on state. From time to time our users need to disable it to user another VPN or when things just aren't working. I would like to be able to allow our help desk to log in to our firewall and only be able to go to Network - Portals and Generate Ticket option. This way a user calls in, they log in and generate the key...

URL category determined from browser?

I had a website that was mis-categorized and put in a request to have it recategorized. It changed in the next PAN-DB update within the hour, and I was able to confirm that the site was showing the proper category now. I could see the new category being used when I looked at traffic from my machine to that site, but when the original user tried,...

OpenPhish Feed False Positives 10/07/17 Around 04:00 EDT

We have a URL EDL setup using the OpenPhish miner that comes with Minemeld (openphish.feed miner) that a deny rule is matching against. We have never had any issues with it blocking legitimate URL's but a few days ago the deny rule that matches against the OpenPhish EDL started blocking legitimate sites such as www.youtube.com, www.dell.com, w...

Agentless User-ID Connection to Active Directory Servers give me timout connection error

Helloplz help me in this problem, Agentless User-ID Connection to Active Directory Servers give me timout connection error, how i can fix this ?i'm using server 2012i already followed this link steps : https://live.paloaltonetworks.com/t5/Management-Articles/Agentless-User-ID-Connection-to-Active-Directory-Servers/ta-p/52041but with no result

user-agent.jpg

Captive portal issue

hi -captive portal is configure for the users -on iphone it is working fine -for andriod versions i.e it is not poping up the page-Sign-in to wifi Pop Up is not coming on android 6.0.1, android 5.0, android 4.4.2-Intermittent connection on mobile applications like facebook messenger and Facebook on random mobile devices despite the "allow all" p...

Rameshwar by L3 Networker
  • 5775 Views
  • 10 replies
  • 0 Likes

Resolved! Separating Inbound and Outbound indicators

I created a miner based on Unit42 tag search. I was trying to see how many inbound and outbound indicators it has, so I added two processors (Prototype: stdlib.aggregatorIPv4Inbound & stdlib.aggregatorIPv4Outbound) and connected to output nodes. Somehow I see the same number (227) of indicators for both. Is this expected or a bug? Please a...

How to determine DoS Alert, Activate and Max thresholds (Packets/second) from PaloAlto firewall.

Hi, We have implemented the PaloAlto firewall through which traffic is passing without any issues. Now we want to enable DoS protection and we assume that the current traffic passing through firewall is legetimate. I need your help to understand and obtain the below values.How to get packets per second value for the traffic entering the particul...

Gururaj by L4 Transporter
  • 3152 Views
  • 1 replies
  • 0 Likes

Get newly added Device in sync with Panorama

I have been manging a PA-500 individually for a few months due to it being on Code 5.x and it not being able to be managed by my Panorama 8.x server. So I have finally brought this PA-500 up to code 8.x, runs like an old three legged dog now, but now I need to start managing with with Panorama. So how do I make sure I do not override the current...

Disabling BYOD VPN when not conncected.

For security of my personal device, I'd like to verify how to fully disable the BYOD VPN software when I'm not connecting. Also, I'd like to verify how can I be sure I'm running the BYOD version and not some version that has spyware capability?

Resolved! Panorama traffic invisible

PAN(VM) and PA1 management interfaces are both Zone A. PA1 connects to PA2(remote site) on IPSEC tunnel. Traffic from PA2 on PA1 is considered in Zone A and viceversa on PA2 for traffic from PA1. If i do packet capture on either PA, I can see there is bidirectional traffic between PA2 and PAN. But traffic logs don't show anything, I may select ...

raji_toor by L4 Transporter
  • 5385 Views
  • 6 replies
  • 0 Likes

How to block unknown machines from traversing the network

Hi all. My question is how can I create a rule that blocks traffic from a computer I brought from home as opposed to from my work domain? I want to be able to see people that bring their own devices onto the network and then block access to the network as a whole. Is this do-able without Captive Portal? Any help would be appreciated 🙂

Roshawn by L2 Linker
  • 8274 Views
  • 10 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks