General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 520 Views
  • 1 replies
  • 4 Likes

Resolved! DNS sinkhole log action ons DNS rule

https://live.paloaltonetworks.com/t5/Articles/How-to-Configure-DNS-Sinkhole/ta-p/58891 explains how to configure DNS Sinkholing.

In step 3 the anti-spyware profile is added to the security rule that allows DNS traffic.

 

Does logging (at session end) ne

...

dieter_b by L4 Transporter
  • 2437 Views
  • 11 replies
  • 0 Likes

Invalid Role - RADIUS

Greetings!

 

Am troubleshooting PA authentication using RADIUS. The user is part of the appropriate AD group for the RADIUS configuration and the PA and RADIUS server are both setup for RADIUS auth.

 

On the PA side, added an administrator and set their

...

SDorsey by L4 Transporter
  • 4118 Views
  • 6 replies
  • 0 Likes

Resolved! Best Practice for insufficient-data

Hi all,

 

What are you doing with traffic identify as "insufficient-data"?

I know we are supposed to do pcap and trying to identify if then create custom app but ... on real life 

 

Although you have created a rule for denying all, insufficient-data stil

...

rule.png
log
VinceM by L5 Sessionator
  • 12610 Views
  • 3 replies
  • 0 Likes

NAT DIPP fallbacks

Hi there

Im seeing  NAT DIPP fallbacks quite a lot relating to a NAT rule, theres does not appear anything not working so im wondering if its somehting that im not noticing work.  Ocasionally it feels more sluggish that it should when browsing web pag

...

SQLinjection not being detected by PA

Hi, we are receiving these tries about SQL injection but our Palo alto is not detecting it. How can we do that PA detect this SQLi????? we have updated the threats signatures.

 

Sql injection

GET /ficha-modelo?id=2&entidad=99999999%27%20oR%20%277%27=%27

...

SOC_CSG by L4 Transporter
  • 1809 Views
  • 8 replies
  • 0 Likes

Hybrid whitelist/blacklist Policy

I played around on our lab FW a bit but couldn't get this working. Here are my objectives:

- Create a "White List" custom URL category that allows only a handful of web sites. (Working with URL Filtering profile.)

- Log all permits (Working. I got this

...

Resolved! URL Filtering - Bypass for Level 1-2 Support

Good Afternoon

 

I have a request to look into a way a Level 1 - 2 Support Person can easily bypass a blocked URL.  Be it by policy, a custom button on the response page, captive portal, or a combination of whatever might be needed to do so.  Has anyon

...

Resolved! How many can I create url-filtering profile on 5050?

Hello,

 

I have two questions.

1.How many can I create url-filtering profile on 5050?

 

2. And I have watched as below output of cli on 3020,

sylee@PA-3020-uquest(active)> show system state filter cfg.general.max* | match profile

cfg.general.max-profile: 15

...

Wildfire .ace archive support

Does Wildfire support the .ace filetype?  I've received messages that should have been filtered that have .ace payloads.  The message attachments are clearly malware based on virustotal.  The message bodies are classic phishing type attacks. I have a

...

Drop all packets

I added an exception to a spyware profile to drop all packets and it now says its dropping and allowing the packets how can that be?

jdprovine by L4 Transporter
  • 2362 Views
  • 9 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors