This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

URL category not effecting to all traffic passing through security policy

we are facing problem with PA 7.0.7 version , custom url category is mapped to security and certain URLS are allowed . when traffic passes the policy some of the traffics are allowed and then it hits the deny rule . The size of the packet becomes less when it is hitting the deny policy if we create a security policy only for one url it is worki...

Rameshwar by L3 Networker
  • 3087 Views
  • 5 replies
  • 0 Likes

Blocking Hexa Protocol (Hexatech VPN)

I just became aware of this yesterday, but we were seeing a rise recently in "unknown-udp" traffic on our Palo Alto Firewalls and have discovered what it was. The amount of traffic was significant - always used the more bandwidth than anything else on the network. There is a new-ish VPN service by BetterNet that uses a protocol called "Hexa" (...

SAML ADFS for GlobalProtect

Hi,Is someone able to shed some ligh on the below. 1. Can SAML be used to map to an LDAP group, if so is there guidance?2. Does PAN support using SAML AND prelogon/alwayson with GP? Thanks

Resolved! custom report - "unknown" category

Hello I observed that in my reports in pdf I have a lot of "unknown" in CATEGORY column.My report looks like: How is possible that google-base or linkedin-base have category=unknown ? RegardsSlawek

2017-08-15_201653.png
2017-08-15_203202.png
_slv_ by L4 Transporter
  • 6018 Views
  • 9 replies
  • 0 Likes

Resolved! Traffic seen as application "authentic8-silo"

Hi, On our PA device, we suddenly have this issue that lots of traffic is seen as application "authentic8-silo" which is not allowed.Lots of services (Lync/Skype for Business, websites and other services) which use SSL do not work anymore.There was no change/upgrade done before the issue started. Only the daily App/Thread/AV/URL filtering update...

Farzana by L4 Transporter
  • 3114 Views
  • 2 replies
  • 0 Likes

VPN Palo Alto - Microsoft Azure. Slow transfer. Not reaching internet by this tunnel.

Hello, We are having a annoying issue :S We have configured a tunnel routed-based between PA (7.0.6) to Microsof azure. The tunnel is up but we are detecting several problems. 1) The transfer speeds are very low, fluctuate and are nothing stable: When we try to move a file using this tunel from Azure to one of our servers in PA, the transfe...

URL Filtering response pages never appear

Hi, My URL filtering response pages never appear, even the default ones.Is there anything to do to activate them ? I always have the "This site can’t be reached" message with a connection reset. Thanks

PorZik by L0 Member
  • 8249 Views
  • 4 replies
  • 0 Likes

Syslog miner not recieving the syslog messages

HI All, I have used the below link to configure Syslog miner, but metrics are not showing up in stats. https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-the-syslog-Miner/ta-p/77262 I have tried to troubleshoot using following discussion but no luck https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Mine-s-not-working/m-p/1...

syslog miner node.png
stats.png
rsyslog_config.png
rsyslog-logs.png

Clear Config on new Palo

Good Morning. Is there an easy way to clear out all configuration settings on a new Palo without having to go through the CLI to clear each item individually, or doing the same in the GUI? It is time-consuming to have to go in and delete the default Vwire, zones, and everything else that comes with a new appliance. Better yet, is it possible to ...

NAT very slow

PA-3020 Software Version 8.0.4I have several policies U-Turn Nat and Destination Address Translation in the DMZThree times a day the acces to these Policies becomes very slowIf I send a ping to one of these servers the time is very large the 1000 to 2000 ms approximately, butthe internet service continues to work in a normal wayWhen this happens...

Resolved! PA-VM-300 refuse to boot because master key expired.

Hi all, today i found my PA-VM-300 in maintenance mode, refusing to boot. Maitenance Entry Reason:Cryptod failure. Caused by: Master key expired.This firewall is a backup of our production firewall, in our Disaster Recovery Plan, in addition to VMware SRM.I use the API to push the production configuration to this firewall. In order to allow the ...

2017-08-16_171551.jpg

Virtual Panorama for Log viewing only

Hi all, I hope someone already did something like that to answer my question 😛 We have a virtual Panorama on PAN-OS 8 with a local log collector. On this panorama we manage differdnt firewalls and also store the logs of these firewalls. This panorama is in a secure zone where we ONLY allow acces for firewall administrators.So far so good. Now w...

Remo by L7 Applicator
  • 2124 Views
  • 2 replies
  • 0 Likes

sync issues

My HA pair went into split brain so I rebooted the secondary and now they will not sync

jdprovine by L4 Transporter
  • 3931 Views
  • 7 replies
  • 0 Likes

site 2 site with Meraki NAT'd behind ISP router??

We have a remote site connected behind ISP router and Meraki receives 192.168.X.X IP from it, and all networks locally are connected further to Meraki. The main site has public IP directly on the firewall. Not sure how to make configuration work.

raji_toor by L4 Transporter
  • 7946 Views
  • 7 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks