This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4120 Views
  • 0 replies
  • 0 Likes

Blocking apps

Hi At the moment what is most annoying is the blocking external emails, for example, Gmail, depending on which browser you open appears as "gmail", as "ssl" or as quic. We have configured a block list for that, the problem is that users are starting to place them in the mail clients of W10 and Outlook, and we return to the same, Palo Alto sees i...

Recorded Future 401 access error

Hello,I am currently in the process of moving our threat feeds into Minemeld. One of our providers is Recorded Future, which i have enabled as a node, and set the API access key. when i go to run a the mode, it gives me a 401 client Error: Unauthorized naturally, i checked if the API key was incorrect, but i am still able to manually grab the fe...

JonasE by L1 Bithead
  • 8030 Views
  • 5 replies
  • 0 Likes

Resolved! Per-User URL Filtering Process

Can someone give me a break down of what the process flow is like? For example, Is a lookup done for the user then an IP mapping happens? Are the user-ip mappings being used for the decision in the filtering process? The reason I ask is that I have users connected via a VPN device the filtering doesn't seem to work.

Best Practices for Site-to-Site IP/Interfaces?

Hi all, I've currently got a site-to-site VPN tunnel already configured for one of our cloud services but we've got a request to add another service from another provider. Our current config has a single floating IP address with the associated tunnel configuration and assigned to a "Site-to-Site" security zone. I'm wondering what best practices...

jsalmans by L4 Transporter
  • 9219 Views
  • 10 replies
  • 0 Likes

Resolved! Security policy conflicts between the Application and Services?

Hi all. I am playing with security policy, and seeing a result that I am not expected.Basically I would like to allow connection from the Local (trusted) zone to a specific server in the DMZ zone to allow port 443 (ssl) traffic onlyIn the Source section, to simplify things a bit, I set to "Any, Any" (all user in the Local zone is allowed to acc...

Error "An instance of GlobalProtect is already present on the system."

Hello, 1. I unstalled the GlobalProtect for Windows 7(64 bits) then tried to install ProductVersion = 3.1.5. But I encountered the same error as follows over and over even after I followed up the comment in the link(https://live.paloaltonetworks.com/t5/Configuration-Articles/GlobalProtect-Error-During-Installation-quot-An-instance-of/ta-p/51937)...

GlobalProtect_error.png

Resolved! can't login to web console

The web console throw the bad gateway error, also status of minemeld-web service is FATAL except for minemeld-engine and minemeld-trace which has RUNNING status. How can I fix this?

Sergey_R by L1 Bithead
  • 22423 Views
  • 15 replies
  • 0 Likes

Resolved! Prototype to pass additional 'fields'

Hi, new user here trying out a local instance of minemeld. I would like to know if there is any way to set up a miner node that will parse and pass along more than just the 'indicator' from the source feed. Specifically, some source feeds contain more information along with each indicator such as ASN info and country codes. An example of a proto...

nickd5 by L0 Member
  • 3950 Views
  • 1 replies
  • 0 Likes

Some BFD through the firewall not forwarding

I have multihop BFD session between two zones through a 7050 firewall. Sessions originating from zone A to zone B work fine. Sessions originating from zone B to zone A do not work. Policies exist. There is a valid session in the session table with one way traffic. Log shows the traffic was allowed. This affects both IPv4 and IPv6 BFD peerings in...

Resolved! GlobalProtect OCSP URL location with Offline Root CA and Enterprise Subordinate CA

Hi guys, We are using Certificate Authentication Profile for Pre-Logon and then Username and Password before VPN can be established. GP is working fine and we would like to validate when certificate is revoked, it will stop the machine from connecting. In our environment we have an Standalone Root CA and Enterprise Subordinate CA and the URL loc...

ESutedy by L1 Bithead
  • 7133 Views
  • 4 replies
  • 0 Likes

Manual URL Sample Uploads

Hello, Anytime I try to upload a Webpage sample in Wildfire, I never receive any hits on it even though the portal says the upload was successful. Manual file uploads, I always receive a verdict, but its never the case with web pages. Any thoughts on why I can't see any reports on manual web page sample uploads? Thank you

Resolved! DHCP and DDNS Configuration

Hey All, I received a question from a client this morning, who is migrating their Cisco ASA to PANW. The Palo Alto will act as a DHCP server for a couple zones on the network. He wants to know if PAN has a similar feature as the ASA to support Dynamic DNS, where the DDNS update integrates DNS with DHCP. According to the below article the two pro...

Resolved! List of the compatible SFPs and RJ45 SFPs for the PA-3050

Hi Guys, I am looking for the list of the compatible SFPs and RJ45 SFPs for the PA-3050. Checking the link below it is not clear. https://live.paloaltonetworks.com/t5/General-Topics/List-of-compatible-SFP-modules-for-PA3020/m-p/24288/highlight/true#M17704 Please, ould you advice where can l get this info or if somebody can share it. Th...

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks