This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

SSL decryption for email

Hi, Do we need to enable SSL decryption simply for reading SMTP messages? We have created a profile under Objects and attached it to incoming mail policy but attachments with extension dll, bat, exe file all get through and see nothing in Wildfire submissions. Thanks in advance.

FileBlock.png
Farzana by L4 Transporter
  • 2734 Views
  • 2 replies
  • 0 Likes

Config .XML in the config bundle is empty

Hi everybody! I have a little issue with which maybe you can help me: I have a HA with a pair of 3060s among other FWs managed by a Panorama, when exporting a config bundle from the Panorama, the config XML file for the pair of 3060s is empty. What can be the reason?? Thanks in advance and Kind Regards, Marcos.

Carracido by L4 Transporter
  • 3588 Views
  • 3 replies
  • 0 Likes

Resolved! Monitor Logs

How do I change what gets logged in the monitor URL logs.. All I see are block url messages.. I need to see all traffic.. Thanks

rmsdip3 by L1 Bithead
  • 3492 Views
  • 4 replies
  • 0 Likes

Panorama VM - 8.0.x - How long can we run in Legacy Mode?

We currently have a Panorama virtual machine with 2TB of storage runnint 7.1.x. I know there are changes to the log database in 8.0.x. We also have some newer PA firewalls that only run 8.0.x, so we would like to upgrade Panorama. How long can we run in "legacy" mode with Panorama 8.0.x? I don't have 2+TB of additional storage at the moment ...

Check patchs installed HIP

Hi, We configured the HIP module in Palo Alto but is not able to detect patches installed on Global Protect clients sometimes.There are clients, connected to the VPN GP that if it is able to see the patches, in contrast there are others that does not detect any patch installed.We would like to prevent the propagation of WannaCry through the GP V...

patch.JPG

How to find source of high open sessions and/or throughput

If your Palo Alto firewall is experiencing an unusually high OPEN session count, and/or high throughput, what is the best way to determine the source or destination at the same time of the event? We have most of our security rules set to log at session end, so doing research on open sessions makes it a little harder. I have confirmed that the...

jambulo by L4 Transporter
  • 9732 Views
  • 5 replies
  • 0 Likes

Resolved! web access for local administrators

We have our web access rules setup to match up with AD groups, so if you’re not in an web access AD group then you can’t get on the internet. The issue our PC support guys have is when they log into a PC or laptop as a local administrator they will need internet access to install software such as Office 365, web browsers etc. but cant because th...

Link Failure - Syslog

Hey all! I have a PA-3020, eth1/1 and eth1/2 are an aggregate (ae1). on the switch, it's a Port-channel. I want to be informed when one of both interfaces is down. So I set up a syslog server and all system logs are forwarded. For testing purposes, I shut down one port on the switch. eth1/1 is down now. But in the system log, I just get "informa...

MPI-AE by L4 Transporter
  • 2154 Views
  • 1 replies
  • 0 Likes

How to combat VPN’s that use spoofed SNI?

Hi all, My environment has a large fleet of iPads in an educational institution. We have restricted internet (no social media and so on) so the students spend time finding ways around it. We thought that bringing the PA unit in and enabling decryption had stopped issues with students using VPN services however we found recently that they are wor...

stuart.l by L2 Linker
  • 6637 Views
  • 1 replies
  • 0 Likes

Resolved! arp issue with PA Active/Active

Hi 2 PA-3060's, setup in Active / activeI have a vlan 213 with 10.172.213.0/24 assigned to itI have .2 and .3 assigned to the PA's and .1 assigned as a HA Virtual ip . I also have 3 virtual machines, app1 app2 app3. app1 and app3 can arp 10.172.213.1, app2 can't these vm's are on the same host, and a few hours ago app2 could arp .1 (DGW). last...

Suspicious Packet with MAC address all zeros

Hi All, I monitor networks for my client, recently I discovered some suspicious outbound traffic from internal to a known malicious host, although the packet was dropped on the PA. the logs I have showing that the packet's source IP as the internet's router sub interfaces IP with MAC address all zeros & destination IP as the malicious host a...

sum0831 by L1 Bithead
  • 7534 Views
  • 3 replies
  • 0 Likes

Resolved! Blocking All Internet Traffic from certain PCs

I have several older machines (XP) that are used for special purposes that cannot be be upgraded. Even the hardware cannot be upgraded or replaced (running on old dell dimenion desktops). These machines do not need access to the internet but they are on the same domain and need to be able to communicate with other domain machines. I want to ma...

jharlow by L3 Networker
  • 9932 Views
  • 13 replies
  • 0 Likes

Resolved! Creating a block timeout for mac addresses for malicious behavior

Hello, I was interested if there was a way to block a mac address of a device for malicious behavior? Bacially if i have a user on a guest connection and they are searching things they shouldnt, they could be blocked for 5 minutes or whatever and then return to the network. I know its a strange request but I was curious to see if it could be don...

mmaynard by L0 Member
  • 3042 Views
  • 2 replies
  • 0 Likes

Setting Up MS DirectAccess

Trying to configure DireectAccess (Windows Server) to work but I believe it is failing due to the Palo Alto. I created a custom application and application override for the ports needed but still failing. Per a Microsoft Document, "the firewall has to be configured to pass the traffic through transparently. you cannot NAT the traffic". How do I...

jharlow by L3 Networker
  • 4165 Views
  • 3 replies
  • 0 Likes

Resolved! Seperate Internet Connections

HiFirst time here, so after some advice.We have a Palo Alto 3020 providing internet access and DMZ, all is running fine.I have to order another internet circuit, which is the best way to connect / configure this? 1. Create an LACP port channel on the inside and use 2 Gig interfaces as the new inside (traffic will go up to 2GB).Create a second ou...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks