This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

New PA user and currently concerned

Hi I am a new PA user, purchased a pa-850 and 2 x PA5220's Adding these to my OSPF network, i have setup a policy "network protocols" that allows OSPF. But for some reason in my log, I get OSPF time out session and aged out sessions and sessions that have 0 bytes. So I contact support. after 2-3 weeks, they bring it up in their lab and I am tol...

Alex_Samad by L4 Transporter
  • 10304 Views
  • 21 replies
  • 0 Likes

Resolved! Pan Configurator service-edit.php

With Pan Configurator service-edit.php if I want to delete unused objects is it possible to set a count limit? For exampel I dont want to do all 500 at one time unt say 100 at a time. Look to see if there is a string like "maxcount' to end comman below. " php address-edit.php in=2473.xml out=/dev/null actions=delete 'filter=( object is.unused)'

Possible to stop local account passwords syncing when in HA

Hi All, We are currently in the process of roling out a Privielged Account Security platform to mange and rotate passwords across all of our devices. We have ran into a snag with the PAs because of the password sync when in HA... Is there a way to disable the sync of passwords for local account allowing us to have independent passwords on each...

aldow93 by L0 Member
  • 5588 Views
  • 4 replies
  • 0 Likes

Resolved! Checking Global Protect Client Status via Command Line

We have had a heck of a time getting Global Protect 4.0.2 deployed in our environment. One of the things I am coming across is that the install goes fine, at least accoring to the exit code on msiexec and in looking thoguht the log created by msiexec. However, the pangps service does not always get created. Granted, the number of macine affec...

BeejCyr by L1 Bithead
  • 27420 Views
  • 7 replies
  • 0 Likes

Port Scan Options

Hi all, Looking for some feedback from anyone else who has run into this issue before. Basically we have zone protection set up for our Wifi and ResNet security zones. Included in this zone protection is a block-ip rule for port scanning. We've received a request to allow client devices on these networks to reach a server using a specific piec...

jsalmans by L4 Transporter
  • 5193 Views
  • 6 replies
  • 0 Likes

Custom application tutorials?

Anyone know where I might find an in depth tutorial on creating a more advanced custom application? The tutorials I've found have all been HTTP related, which is great, but I was hoping to find something that did something a little more complex like something that used TCP and/or UDP signatures. Thanks!

jsalmans by L4 Transporter
  • 5609 Views
  • 7 replies
  • 0 Likes

Resolved! How to specify which program generates malicious traffic?

Hello all, I know this question is outside of the PAN device matter. But my customer asked me how to specify the program on his computer for removing malicious program.Let me tell you exmaple: When I see threat log, it showsSrc 192.168.1.1:12345 Dst 100.100.100.100:80 We can understand that we need to investigate 192.168.1.1 device.On this devic...

emr_1 by L5 Sessionator
  • 2939 Views
  • 1 replies
  • 0 Likes

Resolved! PA cannot distinguish between Dropbox and Cloudfront

Hi, PA does not seem to be able to distinguish between Dropbox and Cloudfront. In the Traffic logs, all sessions are identified as dropbox-base. Outputs from show session id: DROPBOX:start time : Thu Aug 3 09:58:15 2017timeout : 120 sectotal byte count(c2s) : 4843total byte count(s2c) : 6128layer7 packet count(c2s) : 11layer7 packet count(s2c) :...

Farzana by L4 Transporter
  • 4373 Views
  • 3 replies
  • 0 Likes

Unable to probe IP x.x.x.x, list is full with 201 entries, currently probing 40 IPs

Hi...i have two PA Boxes(4.1.9) and one User-ID Agent(5.0.4-5)i've got unknown message from User-ID Agent log. ===== UaDebug Log ===== 06/17/13 08:57:50:139[Debug 911]: Unable to probe IP 172.19.73.93, list is full with 201 entries, currently probing 40 IPs 06/17/13 08:57:50:139[Debug 911]: Unable to probe IP 10.201.120.66, list is full with 2...

willstech by L3 Networker
  • 7397 Views
  • 5 replies
  • 0 Likes

Problem rebooting/shutting down firewalls through Panorama

We are running Panorama 8.0.4 with TACACS for authentication.I have noticed that when I switch to the context for a device, or Panorama itself, the options for rebooting/shutting down a device are missing.If I navigate to Device->Setup->Operations, the only options available are for manipulating the configuration.I have checked and the adm...

Resolved! policy drop with icmp not sending icmp

I have a catch all before the default/inbuilt rulesmy action is drop with icmp but when i test and run a tcpdump at the same time I see no icmp packet to say unreachable . Very strange ? Anythoughts ??

MSFT Office365 Domain As Phishing?

I was running a 228 PAN-DB version and have since noticed the content version updated. Did anyone else have any issues with Office365 services? ME @firewall(active)> show running url secure.aadcdn.microsoftonline-p.comDP dp0:secure.aadcdn.microsoftonline-p.com phishing expires in 380 secondsDP dp1:secure.aadcdn.microsoftonline-p.com content-...

PA-220 boot Error?

Received this Unit today and on 1st boot, N0.LMC0 Configuration Completed: 8192 MB Warning: Board descriptor tuple not found in eeprom, using defaults KINGFISHER board revision major:1, minor:0, serial #: unknown OCTEON CN7130-AAP pass 1.2, Core clock: 1000 MHz, IO clock: 500 MHz, DDR clock: 800 MHz (1600 Mhz DDR) SPI stage 1 bootloader SPI ID: ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks