This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! Can I block malicious files sent via email ?

If my organization users send or receive emails (internal or external) with malicious file attachments , will I be able to block such emails using PAN firewall file blocking features ? I think Microsoft O365 already creates an encrypted channel so the email attachments or contents are protected until the files are manually downloaded by user.W...

Active/Passive HA cabling to Cisco Switch Stack or Nexus

I am looking for a cabling recommendation diagram for LACP portchannels from Cisco Switch Stacks or Nexus to HA Palo Alto Pair. Nexus can obviously use vPC feature so it may be slightly different than a switch stack. Switch stack cabling currently: Cisco SW#1 - Port gi1/0/1 ---> PA3050 (Active) Eth1/1Cisco SW#2 - Port gi1/0/2 ---> PA3050 ...

aged out vs unknown

HI,From some pc session end reason for dns traffic shows 'aged out'and for some shows 'unknown'what could be the reasoninternet traffic from the pc which shows aged out are really slowany helpThanks

simsim by L4 Transporter
  • 15129 Views
  • 6 replies
  • 0 Likes

Resolved! Dynamic Updates from Panorama

If we have 200 firewalls connected to PANORAMA. And we have in PANORAMA, dynamic updates set to update at midnight. Does it fire off one at a time each firewall until its downloaded and installed on each firewall, before moving on to next firewall to update? Or does it fire update to all 200 firewalls at once?

internet issue

Hi,I have an issue the internet is very slow for a vlan 10 , In my qos rule this is network class in 2 and the another vlan 11 in the same class has no issues . And the rule number for qos vlan10 is 10 and for vlan 11 is 50 .'If any client using all the bandwidth in that class vlan 11 also have to have the same issue ? How can I trou...

simsim by L4 Transporter
  • 1926 Views
  • 1 replies
  • 0 Likes

Resolved! VPN IPSec No Proposal Chosen

Hi, I keep having issues with my IPSec sts VPN. Always have a No proposal chosen message on the Phase 2 proposal.And then P2 proposal fails due to timeout.I read that it could be IPSec crypto settings or proxy ID that don't match.Proxy IDs are OK because when I put non-existing network, I don't have these messages.Encryption settings seem also w...

M6P2.png
crypto.png
IPsec tunnel.png
IPsec tunnel2.png
Naelwan by L1 Bithead
  • 61847 Views
  • 10 replies
  • 0 Likes

skype for Business issue

Hi ,I'm facing issue with skype for business through paloalto. very bad quality, it's not BW issue because we check it even at night.any one support more with this subject.

Enabling TLS 1.1 in Decryption profile always allows 3DES even if unchecked

Scenario:Decryption profile for traffic from the internet to GlobalProtect IP along with an SSL/TLS Service Profile for GlobalProtect, both set to TLS 1.1 or above; Decryption profile has 3DES unchecked.PA-5020, 7.1.10Scans from sites like ssllabs.com will show that 3DES is still enabled. Only changing one of the profiles to TLS 1.2 stops this....

bfperez by L1 Bithead
  • 4573 Views
  • 7 replies
  • 0 Likes

Resolved! Malicious file not getting blocked

Hello, An email attachment has been classified by Wildfire as malicious. However, it was not blocked and just an alert was logged.Below are two screenshots from the Wildfire submission and threat logs.Any idea why has the Vulnerability Protection classified this threat as medium even though WildFire classified this file as malicious? How to make...

Log.jpg
Wildfire.jpg
Farzana by L4 Transporter
  • 2800 Views
  • 2 replies
  • 0 Likes

Resolved! Package Fetch/Repository Problem

Taken from the install guide, but is this still the correct repostitory: :~$ sudo add-apt-repository "deb http://minemeld-updates.panw.io/ubuntu trusty-minemeld main" :~$ sudo apt-get update Hit http://security.debian.org wheezy/updates Release.gpgHit http://security.debian.org wheezy/updates ReleaseHit http://security.debian.org wheezy/updates/...

Altering Cloned Template Changes Original?

I've been working with one of my customers on enhancing security across their firewall deployment. After creating a template in Panorama including management hardening and protocol hardening configurations, they cloned the template so they could apply it on another firewall. They then updated one of the zone names on the new template. And for s...

Minemeld administrator rights

Hello, I found how to add a new administrator. But I want this new administrator to get only read access on everything and write access on a miner - in order to add indicators (IPv4 and URL) on it. Do you know if it is possible ? and how ?

GVN2022 by L0 Member
  • 5682 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks