This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4115 Views
  • 0 replies
  • 0 Likes

Resolved! AWS output/aggregator with unexpected missing indicators

Hello, I have a dev and prod instance of MM. Noticed both dev and prod behaving the same way, where many indicators were not showing up in output feed for AWS miners. Config on both is the following: nodes: aws_route53_miner: inputs: [] output: true prototype: aws.ROUTE53 aws_ipv4_output: inputs: - aws_ipv4_aggreg...

Resolved! Security Policies Clarity

What is the difference between pre rules and post rules ? None of my colleagues could answer this question upto my satisfaction.Can I expect expert comments ?

cmyakal by L1 Bithead
  • 3981 Views
  • 5 replies
  • 0 Likes

Resolved! External feed URL and minemeld update URL

In our environment, there is a PA between Minemeld and the Internet, so PA access control. Would you please tell me the subject URL and port number ? (A specific external feed becomes O365 is https://paloaltonetworks.box.com/s/gndwe5rzheg1ekwplxb4m3mrpcf5k41f) Regards, Naoya

qos

Hi,After egress max set in the following order ,If 100 Mb is the internet speed and through the trust link (1 GB) traffic is going other than untrust ( internet zone ) , the below configuration is ok ? . class 1 10class 2 10class 3 10class 4 40class 5 10class 6 10class 7 5 class 8 5 Thanks

simsim by L4 Transporter
  • 3477 Views
  • 6 replies
  • 0 Likes

Best practice for setting up address groups

Hi Newbie to PA. I want to create a address group dynamic (think that might be best. made up from a group of network addresses in each DC. So for example if I have 3 DC dc1 - 10.1.0.0/16dc2 - 10.2.0.0/16dc3 - 10.3.0.0/16 I could tag them with "dc_network" Looking at dc3 I could make that a dynamic group say 10.3.1.0/2410.3.10.0/2410.3.100.0/24...

IKE Phase 1 Timeout

IKE is failing to negoriate phase 1. I get this timeout and then a delete. Any thoughts on the possible cause? I'm thinkingthe peer is perhaps not permitting the traffic from this device perhaps at a security device in front of their tunneling firewall (ASA). ? May 11th 2017, 10:39:04.000 <14>May 11 10:39:04 172.19.5.38 prdfw100-pri.inter...

palomed by L3 Networker
  • 14385 Views
  • 8 replies
  • 0 Likes

Adding Multiple Individual IP addresses at one time.

In our environment we use tags on individual IP addresses for a few different things and then have policies in place to take those actions based on those tags. Sometimes we have requests come in with a lot of indivudla IP addresses that we have to add and tag in multiple VSYS's. This is tedious and time consuming because the only way I know how ...

permitir videos en vimeo.com

estimados, alguien que pueda ayudarme a permitir el acceso a vimeo.com ? al intentar ingresar a esta pagina me aparece un error de certificado ssl:Este sitio no puede proporcionar una conexión seguravimeo.com envió una respuesta no válida. Intenta ejecutar el Diagnóstico de red de Windows.ERR_SSL_PROTOCOL_ERROR

iph1->ivm == NULL

Dears, Since two days i am getting this message "iph1->ivm == NULL" and all VPN with ASA on the other side is facing iKE Phase 1 time out

pan1.PNG
Ammar by L2 Linker
  • 3792 Views
  • 5 replies
  • 0 Likes

Best practice with defining Zones - how many is too many

Hi So I have 3 locations (DC), Internet access , Vendor access, environment (Prod, Uat etc) and user and support users and dmz and ... should each of these be a zone ??? I am thinking not, after have a bit of a play, you can't make dynamic zones from tags. So I am thinking zone_internet - where the interface talks to the internetzone_vendor - w...

Resolved! NAT and OSPF

Hi I have a PA-3060 (A-A). I have a NAT lests say 1.1.1.1: 443 -> 192.168.10.10:10000 now the PA is part of an OSPF network, how to I publish out the address 1.1.1.1 I was thinking of adding 1.1.1.1 to a loopback and adding to a virtual router and then adding the interface to OSPF. I read that I need a policy for src address: port -> 192....

Upgrade to 8.0.2 bricked my PA500

So am I the lucky one to have what should have been a simple upgrade brick the firewall?Was running 7.1.7, normal download and install 8.0.2Firewall came up with the yellow status light.Was able at that point to login to gui.Found this little darling message in the system log: System messages:'data_plane: Depend script failed max times'See datap...

gefuchs by L1 Bithead
  • 5852 Views
  • 8 replies
  • 0 Likes

Resolved! Dynamic Updates on PA-200

I have a PA-200 that is configured to check for updates every half hour aprox. The thing is that Antivirus, Aplications and Threats are not installed as scheduled!!! When I log in to check, the check to Internet is done, but the package is not downloaded or instaled (in schedule task action in both is download-and-install) If I do it manualy, ev...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks