General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 428 Views
  • 0 replies
  • 2 Likes

API for clearing session

Can some one share some light on creating some API to do below steps:

 

1) identify an application or port ( for ex: 5555 or backup app) when this traffic apprears on one egress interface , need to clear the sesion for this specified traffic.

 

( situati

...

Number of session

Hi,

Palo alto suddenly stops client going internet .

resolving dns stops  ( dns forwarder  just giving timeout instead of  the dns query result ) .

Does it mean maximum  number of session has saturated? 

How can we know maximum number of session reached

...

sib2017 by L4 Transporter
  • 2428 Views
  • 5 replies
  • 0 Likes

Wildfire SMTP - Malicious objects not blocked

Hi,

 

We recently had our FW setup by an external security company.

 

Yesterday we had a malicious email attack which got past our email scanning service. Although Wildfire identified the attachments as malicious, they were sent on to the recipients (aro

...

Capture3.PNG
Kuiper by L1 Bithead
  • 3326 Views
  • 5 replies
  • 0 Likes

Resolved! Security Policy for IPSec traffic

Hello,

 

We are setting up Site-to-Site IPSec VPN between PA and Cisco router. The examples provided on PA websites do not suggest any security policy for this. When we use a security policy for 'Outside-Untrust' to 'Outside-Untrust' to allow traffic b

...

Farzana by L4 Transporter
  • 2191 Views
  • 1 replies
  • 0 Likes

scan-host sweep

Hi,

Under threat detection, scan host sweep  droped some traffic. And under the rules it did not show anything .

What does it mean

Thanks

sib2017 by L4 Transporter
  • 8777 Views
  • 7 replies
  • 0 Likes

Telegram website is not accessible

Hi,

 

I've one client that cannot access https://telegram.org but he can access all other https website.

 

We tried to use a security rule with one source address and any any allow but still the same.

 

In the traffic monitor we can observe the session end

...

PA telegramTraffic log.png
PA telegramTraffic log2.png

Resolved! spoof

Hi,

How palo alto blocks if ip address is spoofed .
Why does it not work in vwire mode
Thanks

sib2017 by L4 Transporter
  • 3216 Views
  • 1 replies
  • 0 Likes

Link Aggregation Query

We have PA 500 which links to 100 Mbps throughput as mentioned by datasheet.

If we do link aggregation would it be possible for us to increase that ?

 

Thanks in advance.

Resolved! Site to Site VPN with error Failed SA

Hi,

 

We have configured a site to site vpn between palo alto and cisco ASA. However, both sites are static and PA is the intiator, ACL is configured properly on Cisco side but I got the error:

 

"IKE Phase-2 negotiation is failed as initiator, quick mod

...

"Client cert is invalid to the gateway" error

Hi,

 

I am trying to setup machine cert authentication, but it appears I am missing something. Local user auth works fine without certificates. Gateway and Portal are on a single 3020 with 7.1. 

 

I created a local-CA and generated a cert for all windows

...

BBartik by L2 Linker
  • 3274 Views
  • 2 replies
  • 0 Likes
  • 23698 Posts
  • 110 Subscriptions
Top Solution Authors
Labels