This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Discussions

Start a conversation

Resolved! Rule change via CLI

Is there any way to remove a parameter to a security rule via the CLI?  As an example, if I created the following rule:

set rulebase security rules "Test" from inside

Now I want to change inside to outside.

If I use: set rulebase security rules "Test" f

...

rgreens by L2 Linker
  • 3024 Views
  • 2 replies
  • 0 Likes

Resolved! Different NAT IP for several user

Hi

I need your help with following problem.

Traffic from VPN zone is NATed to one public IP for every VPN traffic.

Today I got task to assign for 3 of those user different NAT IP (or even better: user1 - NAT_1, user2 - NAT_2, user3 - NAT_3 and for the r

...

_slv_ by L4 Transporter
  • 3550 Views
  • 9 replies
  • 0 Likes

Resolved! Specify policy by machine name/workgroup?

Hey there --

So this is an odd thing that's probably it simple fix..  hoping anyway.  We have 99% of our PCs on the same subnet and domain, however several of these machines are owned by an outside company and are "borrowing" our internet link.  They

...

thatguy by L2 Linker
  • 3236 Views
  • 6 replies
  • 0 Likes

Route web traffic through firewall

Hi,

I'm just in the process of configuring a PA-500 on PAN OS 5.0.10 at our DR site so that it sit's on the internet connection at that office.  It currently has three interfaces, outside, inside and DMZ.  I've managed to configure things such as NAT

...

Resolved! Scheduler should cut off sessions immediately

Hi,

We have set a schedule on some security policies, but at the moment the schedule should switch off the traffic it seems that live sessions are not immediately denied,  The scheduler only prohibits the creation of new sessions.  Is this true? 

We a

...

How to get DHCP statistics from PAN

Hello

I have WiFi network for students, it using APs as a bridges with Captive Portal authentication using Radius server and also PAN is a used as a DHCP server..

I'd like to know how many IPs are in use in a time. Is it a way to do it by SNMP?

The seco

...

_slv_ by L4 Transporter
  • 2392 Views
  • 3 replies
  • 0 Likes

Resolved! Custom Reports contained in Group reports

Has anyone else had issues with creating custom reports and then having them emailed via the scheduler? I have built an extensive custom reports list that allows us to see into the detailed traffic to discover infections, spyware, and an assortment o

...

craymond by L4 Transporter
  • 4816 Views
  • 7 replies
  • 0 Likes

Benefits of using DNS proxy?

Are there any Security benefits to using the current implementation of DNS proxy on the PAN? I have seen on the ver 6.0, a new feature called DNS sinkhole, but I don't think it will require the DNS proxy feature. Watchguard checks DNS headers and a c

...

craymond by L4 Transporter
  • 2950 Views
  • 2 replies
  • 0 Likes

Layer-3 Active/Active mode with ARP load-sharing

Hi All

I'm just wondering, if I'm using layer-3 sub-interfaces in active/active mode, is it possible to create ARP load-sharing for each sub-interface on both PA.

by EX: sub-interface 1.102 with IP address 192.168.102.2 on PA-1 and 192.168.102.3 on PA-

...

Resolved! Antivirus Profile Issue

Hi Gents,

I installed Palo Alto between clients and my server farm in VWire Active/Active mode.

I created a policy for user access to the file server, and when I apply the antivirus profile to the policy the share accidentally hangs from time to time.

t

...

Resolved! Active/Active HA in VWire Mode

Hi Gents,

I'm just wandering if the Floating IP or ARP load-sharing configuration are required in vwire mode. or they are only required in layer-3 mode.

all of the documentation I've read about that aren't clear enough.

Regards,

Maher

Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks