This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

Resolved! Looking for screenshots of a bare metal restore on a 2050

I'm developing an SOP and require screen shots for the following steps:On the ‘Device’ tab, choose ‘Setup’ and configure the following:On the ‘Management’ tab under ‘Management Interface Settings’, enter the firewall’s IP address, netmask, and default gateway.On the ‘Services’ tab, enter the IP address of the DNS server.Enter the IP address or h...

PAN-OS 8.0.2 URL logs not showing up

Hi guys, I'm running a new PA-VM-50 on 8.0.2 within Esxi. The VM is fully licensed and has all the latest dynamic updates and URL filtering db. VM License - VM-50VM Mode - VMWare ESXiSoftware Version- 8.0.2GlobalProtect Agent - 0.0.0Application Version -701-4036 (05/18/17)Threat Version - 701-4036 (05/18/17)Antivirus Version - 2247-2734 (05/18/...

Resolved! "Engine Fatal" error message in minemeld

Currently on version 0.9.38 and I'm getting a fatal engine error message. Tried restarting the engine I get this error message. minemeld-engine FATAL Exited too quickly (process log may have details)minemeld-supervisord-listener RUNNING pid 1519, uptime 0:09:19minemeld-traced FATAL Exited too quickly (process log may have details)minemeld-web R...

RobertWu by L0 Member
  • 4585 Views
  • 1 replies
  • 0 Likes

SSL decryption for email

Hi, Do we need to enable SSL decryption simply for reading SMTP messages? We have created a profile under Objects and attached it to incoming mail policy but attachments with extension dll, bat, exe file all get through and see nothing in Wildfire submissions. Thanks in advance.

FileBlock.png
Farzana by L4 Transporter
  • 2692 Views
  • 2 replies
  • 0 Likes

Config .XML in the config bundle is empty

Hi everybody! I have a little issue with which maybe you can help me: I have a HA with a pair of 3060s among other FWs managed by a Panorama, when exporting a config bundle from the Panorama, the config XML file for the pair of 3060s is empty. What can be the reason?? Thanks in advance and Kind Regards, Marcos.

Carracido by L4 Transporter
  • 3551 Views
  • 3 replies
  • 0 Likes

Resolved! Monitor Logs

How do I change what gets logged in the monitor URL logs.. All I see are block url messages.. I need to see all traffic.. Thanks

rmsdip3 by L1 Bithead
  • 3432 Views
  • 4 replies
  • 0 Likes

Panorama VM - 8.0.x - How long can we run in Legacy Mode?

We currently have a Panorama virtual machine with 2TB of storage runnint 7.1.x. I know there are changes to the log database in 8.0.x. We also have some newer PA firewalls that only run 8.0.x, so we would like to upgrade Panorama. How long can we run in "legacy" mode with Panorama 8.0.x? I don't have 2+TB of additional storage at the moment ...

Check patchs installed HIP

Hi, We configured the HIP module in Palo Alto but is not able to detect patches installed on Global Protect clients sometimes.There are clients, connected to the VPN GP that if it is able to see the patches, in contrast there are others that does not detect any patch installed.We would like to prevent the propagation of WannaCry through the GP V...

patch.JPG

How to find source of high open sessions and/or throughput

If your Palo Alto firewall is experiencing an unusually high OPEN session count, and/or high throughput, what is the best way to determine the source or destination at the same time of the event? We have most of our security rules set to log at session end, so doing research on open sessions makes it a little harder. I have confirmed that the...

jambulo by L4 Transporter
  • 9524 Views
  • 5 replies
  • 0 Likes

Resolved! web access for local administrators

We have our web access rules setup to match up with AD groups, so if you’re not in an web access AD group then you can’t get on the internet. The issue our PC support guys have is when they log into a PC or laptop as a local administrator they will need internet access to install software such as Office 365, web browsers etc. but cant because th...

Link Failure - Syslog

Hey all! I have a PA-3020, eth1/1 and eth1/2 are an aggregate (ae1). on the switch, it's a Port-channel. I want to be informed when one of both interfaces is down. So I set up a syslog server and all system logs are forwarded. For testing purposes, I shut down one port on the switch. eth1/1 is down now. But in the system log, I just get "informa...

MPI-AE by L4 Transporter
  • 2109 Views
  • 1 replies
  • 0 Likes

How to combat VPN’s that use spoofed SNI?

Hi all, My environment has a large fleet of iPads in an educational institution. We have restricted internet (no social media and so on) so the students spend time finding ways around it. We thought that bringing the PA unit in and enabling decryption had stopped issues with students using VPN services however we found recently that they are wor...

stuart.l by L2 Linker
  • 6066 Views
  • 1 replies
  • 0 Likes

Resolved! arp issue with PA Active/Active

Hi 2 PA-3060's, setup in Active / activeI have a vlan 213 with 10.172.213.0/24 assigned to itI have .2 and .3 assigned to the PA's and .1 assigned as a HA Virtual ip . I also have 3 virtual machines, app1 app2 app3. app1 and app3 can arp 10.172.213.1, app2 can't these vm's are on the same host, and a few hours ago app2 could arp .1 (DGW). last...

Suspicious Packet with MAC address all zeros

Hi All, I monitor networks for my client, recently I discovered some suspicious outbound traffic from internal to a known malicious host, although the packet was dropped on the PA. the logs I have showing that the packet's source IP as the internet's router sub interfaces IP with MAC address all zeros & destination IP as the malicious host a...

sum0831 by L1 Bithead
  • 7362 Views
  • 3 replies
  • 0 Likes

Resolved! Blocking All Internet Traffic from certain PCs

I have several older machines (XP) that are used for special purposes that cannot be be upgraded. Even the hardware cannot be upgraded or replaced (running on old dell dimenion desktops). These machines do not need access to the internet but they are on the same domain and need to be able to communicate with other domain machines. I want to ma...

jharlow by L3 Networker
  • 9716 Views
  • 13 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks