General Topics
Showing results for 
Search instead for 
Did you mean: 

The Enhanced LIVEcommunity Experience is finally here! Learn all about it.

Forum Posts

Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this to...

jdelio by Community Team Member
  • 0 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 45 replies

ISP failover in PanOS 7.0.4

Hi, We are moving from Juniper ScreenOS SSG firewalls to PanOS 7.0.4, 3020 clustered firewalls. On our Junipers we make use of a feature called track-ip for Interface failover between ISP's...This basically works by pinging a far device on the primar...

Resolved! How do I identify which PC made a suspicious DNS query?

Hello I have setup the Anti-Spyware Profile in our firewall and I have a lot of threat logs of type spyware suspicious DNS queries from a domain controller machine and this is cleansed. Monitor > Logs > Threat list As you can see I have configured th...

SOC_CSG by L4 Transporter
  • 3 replies

ESM service account rights

When I try to install the ESM core and console with a service account that does have the logon as a service rights but not administrator rights, I keep running into issues. As I don't like to grant full admin rights to a service account on a box I'd ...

Panorama: dynamic updates to clients

Hi, I've added two VM-100's to Panorama and placed them into a device group. Connectivity is okay, deploying templates goes fine, but for some reason when I try to configure Panorama to shedule dynamic updates to the VM's, they don't show up in the l...

PAN AWS with multiple ELBs

Hi All, I'm deploying a PAN VM in AWS. The client has multiple ELBs configured and I'm trying to figure out the best way to deploy it. I haven't found any documentation on Palo Alto's website regarding ELB but did find an architecture from another fi...

mausmus2 by L3 Networker
  • 0 replies

Response Page on Internet Zone

Hello Community, our customer has a Cluster of PA-3020 with PANOS 7.0.2. We have enabled Application Block Page and the Internal users can view it properly. Customer has a rule to permit Web-browsing traffic from Internet to DMZ. When users try to sh...


Exclude Traffic from the VPN Tunnel with scripts (GP 2.3)

Dear community, have you ever tried to exclude IPs from the VPN tunnel using the GP 2.3 feature:

Hithead by L4 Transporter
  • 0 replies

Does Palo Alto support Reverse Route injection?

As title, does Palo Alto support something like CISCO "Reverse Route injection" which can inject a /32 route to the campus network for a dial-in user? Or can I create a /24 loopback interface for VPN users and redistribute the /24 to campus network? ...

AWS Palo Alto and Configuring Interfaces

I'm new to AWS, but not new to Palo Alto. We are at the initial phases of building out our AWS environment. I'm getting familiar with AWS but not an expert by any means. I thought I'd start with a trial version of Palo Alto for AWS. At any rate, I've...

Lync Federation Traffic

Hi Guys, Recently we've configured Lync 2013 on our network. What i've noticed on the PA external firewall is the Lync federation traffic from the internal lync clients to for example 'Skype clients' on the web or other organizations is classified on...