This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Resolved! URL DB recategorization

Hello ,We are currently using Panorama 5.0.11 Version .Most of the website is blocking due to this version .We have already requested brightcloud to recategorized the URL to new one .But still we are facing the issuue.Like widma.com coming to Adult and porn category .Also how to clear the URL cache via CLI.

tiwara by L3 Networker
  • 11275 Views
  • 8 replies
  • 0 Likes

Box - Control access

We are discovering more and more companies are using EFSS (or just FSS) solutions like Citrix FileShare, Box, OneDrive, Google Drive, and even Dropbox to share content. We have had a blanket deny policy for a long time so as to prevent using one of these services to store sensitive data with no ability to audit, but it is becoming clear that th...

Resolved! Reached max allowble probes

Users have no access. [Debug 988]: Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing. Probing 40 IPs, list contains 117 entries Reached max allowble probes, adding IP 10.100.xxx.xxx to queue for later processing. Probing 40 IPs, list contains 117 entries Probing IP 10.100.xxx.xxx failed. For initial probing...

Resolved! Can PA-200 or PA-500 be infected with Win32/Hupigon?

I had a puzzle today from my ISP suggesting that they are receing traffic infected with Win32/Hupigon from the management interface of my PA-200s and PA-500s. I don't route user data through the management interface. So, is it really possible that PA-200 or PA-500 can be infected with Win32/Hupigon?

bokeke by L0 Member
  • 2399 Views
  • 1 replies
  • 0 Likes

Is there a way to report or trigger email notification for correlated events?

I'm working towards generating some reports for our other IT departments and I noticed the correlated events have some really nice information that might indicate when someone is infected with Malware. I'd like to get that information over to our desktop support team but I'm not sure the best way to do it. I could certainly give them restricted...

jsalmans by L4 Transporter
  • 3882 Views
  • 2 replies
  • 0 Likes

Resolved! GRE traffic being dropped by PAN

Hello, An internal host is attempting to establish PPTP tunnel connection with an outside Internet host. The internal host accesses the Internet over NAT (actually PAT) on firewall's outside IP address. There was no issue with PPTP (TCP 1723) connection, but GRE (IP 47) packets from the remote host could not reach the internal host. Packet captu...

Farzana by L4 Transporter
  • 5636 Views
  • 2 replies
  • 0 Likes

Resolved! User-ID and child domain Global Catalog server

Hi, I have a deployment question in regard to User-ID and multi domain. If we are trying to pull group mappings and have user ID setup only on a child domain server through GC LDAP, the user credentials used to login and thus pick up with the userid is in the format below.- child.domain.com\user- domain\userI don't think it's possible to have t...

Davyboy by L1 Bithead
  • 6473 Views
  • 3 replies
  • 2 Likes

Filtered OSPF

I would like my PAN 5060 to learn one route from my OSPF infrastructure generally - but no others. The idea is that when this route is availalbe traffic would flow to the inside trusted interface of the PAN. But if that route drops out due to WAN circuit outage then a higher cost static route on the PAN would send the traffic down an IPSec tunne...

palomed by L3 Networker
  • 3152 Views
  • 3 replies
  • 0 Likes

Centralized User ID Agent to All firewalls with AD integration

Dear Community, Kindly note that we would like to achieve AD integration through centralized user id agent ,in that all of the firewalls will have userid agent which is integrated with AD. So basically userid agent work as a proxy, How this can be achived. I had gone through this link, https://live.paloaltonetworks.com/t5/Configuration-Articles/...

ymamis by L1 Bithead
  • 5280 Views
  • 5 replies
  • 0 Likes

SSH Brute Force and IP exception

I have vulnerability profile with action for High severity signatures as "alert". I then configured an exception for SSH Brute Force (ID 40015) as "block-ip, src and dst (30 mins)". Everything worked well until we had issues for the systems exiting from our own network and we had to provide an exception for our egress ip. We then added IP addre...

NTLM authentication problems

Hello,I`m trying to configure NTLM Authentification over Captive Portal for users in my network. I have PA-500. I set the next configuration parameters:1. LDAP Server Profile2. Authentication Profile3. Authentication Policy (Authentication enforcement is "default-browser-challenge")4. User-ID checkbox on the trust zone5. Generate certificate and...

niitnn by L1 Bithead
  • 6501 Views
  • 8 replies
  • 0 Likes

Logs not appearing in WebUI (likely nginx configuration fault)

Let me preface this by saying that I'm awre i've introduced this fault through my own modifications (and lack of experience with nginx). That being said I'd appreciate and insight into how I've broken this function. Symptom is that the 'LOGS' tab on the webUI displays nothing inside the frame other than the MM logo and "Loading...", likewise the...

Pan-OS 8.0 and PA-200

Has anyone upgraded a PA-200 to PAN-OS 8.0? If so have you seen a performance hit at all? Notice a difference in how long things take? Commits? Response time? How long did the upgrade take? Did it take the 50-60 minutes Palo says? If so is that sitting right next to you or on the local LAN? Or was it over WAN connection? Just looking for info at...

JeffTQT by L2 Linker
  • 7545 Views
  • 8 replies
  • 1 Likes

Resolved! How PA deals with packets with bad checksum?

Hey Guys, Just trying to find out if someone knows, what PA policy is regarding packects with bad checksum?Will they be allowed through the PA, or PA silently drops those packets or sends back a reset tothe source? Any help appreciated. Thanks,Fatema.

Fatema by L2 Linker
  • 6845 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks