This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

Generate an e-mail alert from a DENY policy

HiJust a quick question, one of my policies on my PA5020 is a "Deny_Any" policy whereby if no application matches the policy base then it gets denied. The only time I see this is when I view the monitor | logs | traffic. Is there any way I could get an email sent to me when the DENY policy is matched? Thanks in advance Julian

JulianH by L1 Bithead
  • 3391 Views
  • 3 replies
  • 0 Likes

LDAPS inexplicably working on 2 DCs, not on 3rd

Please suggest a better title, this issue has sent me through the ringer. We have a site with an MPLS connection down. The PAs use the domain controller in our datacenter for authentication for both admin, and GP users, which is over the MPLS. LDAP requests of coures.. fail. We also have a DC in Azure, which the PA has an IPSEC tunnel attache...

Resolved! Netflow not working

Hello, In the Traffic monitor logs, nothing is showing up for netflow.Using PAN-OS 7.0.4.Tried using port 2055 and 9996.Tried to use default and MGT interface of Netflow and SNMP Trap under Device>Setup>Services>Service Route Configuration. We have setup Netflow as per below:Device>Server profiles>Netflow:Packets: 50; Minutes: 1; ...

Farzana by L4 Transporter
  • 5281 Views
  • 1 replies
  • 0 Likes

How to SSL Bypass based on application

Hello, I wanted to share a solution I have implemented recntly. Bypassing SSL Decryption based on applications was a request I had from many customers.I know there is an FR for that. but until then, with PAN-OS 8, it is possible to achieve differently. I had a specific scenario where one of my customers had to connect to his customer's Pulse Sec...

tag.png
dynamic address group.png
bypass rule.png
log forwarding.png
Ozamir by L2 Linker
  • 8945 Views
  • 2 replies
  • 8 Likes

ERR_SSL_PROTOCOL_ERROR GlobalProtect

Hi All, When I try to open the URL of our portal I get the following error in Chrome: Chrome: ERR_SSL_PROTOCOL_ERRORFirefox: SSL_ERROR_HANDSHAKE_FAILURE_ALERT I also imported the wildcard certificate to 'Personal' and 'Trusted Root CA.' Logs: PanGP Service: (T9576) 09/14/17 13:13:24:014 Debug(4266): NetworkConnectionMonitorThread: m_state = 0, ...

DocEmre by L0 Member
  • 8109 Views
  • 4 replies
  • 0 Likes

Single Pass Parallel Processing SP3

Hi All, Please can someone explain me the concept of SP3 in simple terms as i dont find any good resource to understand this.I understand that passing the traffic through different devices will impact throughput and add latency,but how does PA works to overcome that. Thanks

mahmoodm by L3 Networker
  • 20144 Views
  • 11 replies
  • 0 Likes

Panoram and Clusters

HI Sort of asked this before, but with a couple more months of experienace, I am back again So I have a cluster I want to manage with panorama Object and polices work great... templates not so good. So I have a cluster setup for Global protect, but I have to duplicate my certificates, interfaces and zones between 2 templates. because things are...

Resolved! Suggestions for Splunk Search/Report

We have the Palo Alto app for Splunk logging everything correctly, I'm basically looking for suggestions on solid search reports to eliminate most of the noise. I've been combing through some of the Splunk forum posts but nothing jumping out at me so far. Thanks in advance.

Resolved! Running MineMeld on VMWare desktop

I have set up the trusty server and the minemeld iso however I am unable to login to the ubuntu shell with the provided default username and password.any thoughts?

haigroup by L1 Bithead
  • 23519 Views
  • 12 replies
  • 0 Likes

Behaviour identifying SSL after dynamic updates installation

Hi, Last night the scheduled dynamic installation was done, the new version 734-4212 (apps) was installed. When this installation happened a lot of traffic before detected like ssl in previous version, it was being detected like "not-applicable" and jumping all rule until default deny. We did a revert updated packet to solve it. Why PA suddenly ...

Resolved! Bug in 8.0.4?? display logs with administrator accounts

Hi, We are receiving the error: "sytax error output" when we click on Monitor->logs. We have several administrator accounts for each vsysn anf it happens this problem.On the another hand, we have a superuser who can display all logs properly. Any bug in 8.0.4 with administrator account displaying logs???

Capture.JPG

Resolved! File Blocking process

How does Palo Alto identify files, such as ".exe" when we have a rule set to block the download? What is the process that Palo Alto uses?

Global Protect connection windows

Guys,It's there a way to hide the windows of global protect if the user can't connect to the portal?.I need to do this super transparent to the user, now i'm installing the client with this settings:GlobalProtect.msi /quiet ENABLEADVANCEDVIEW="NO" SHOWAGENTICON="NO" CONNECT-METHOD="pre-logon" CANCHANGEPORTAL="NO" CANPROMPTUSERCREDENTIAL="NO" POR...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks