This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

RDP over VPN login only works after 2nd time?

I've configured and established succesfully a GlobalProtect VPN connection to my firewall (PA-3020). I want to create a RDP session to a server,I login to the GlobalProtect portal on my Windows 10 client and start mstsc. The first time I connect to the server over RDP the connection fails (returns message: can not connect....), but the 2nd time ...

Data-Filtering ALLOW

I am using PAN-OS 7.1. I have figured out how to use basic data-filtering to block traffic with certain patterns in the payload, but I want to do the opposite. I want to configure a rule that will only ALLOW packets with a certain pattern, and automatically drop everything else. Is there a way to do this?

JohnPa by L1 Bithead
  • 4621 Views
  • 6 replies
  • 0 Likes

interface to interface connevtivity not working

hello - apologies in advance but im a newbie on Palo Altos - come from working on Check Points and Junipers and am now here tasked to set up a palo alto. I've got my network working to where all the vlans hanging off of the PAN can ping it and it can ping them however anything from interface to interface (vlan to vlan) isnt working. I've got a...

bwfreas by L1 Bithead
  • 6904 Views
  • 14 replies
  • 0 Likes

Google Search

Hi Anyone have any tips or tricks around forcing a particular country for Google search? Currently our IP address is misregistered in the Google database and we are being redirected to a foreign location. Thanks

Recommended PANOS version

Hi Guys, I would like to know if there's any resources that provide information about what recommended versions of PANOS to be upgraded to or from? Also, what caveats one might face during the upgrade process? Thank you,Dennis

Layer 2 v. V-Wire

Anybody think of a situation where I would prefer a layer 2 connection over a vwire in a basic setup? i.e. [users]--[core switch]--[PA]--[router] Right now I have: ([switch] --VW--[PA]--VW--[router])x4 Moving (becuase of lack of PA support for LACP LAG's with VWire) ([switch] --L2--[PA]--L2--[router])x2 Only caveat is [switch] and [router] in on...

PeterT by L2 Linker
  • 5154 Views
  • 5 replies
  • 0 Likes

Resolved! SSL decription between firewall and proxy

Hi Guys, We have a palo alto 3020 firewall in peremeter and websense proxy server in internet network acting a explicit proxy. So users are browsing internet through proxy server and the proxy will forward the traffic to internet via PA firwall. We need have following requirment. * Enable ssl decrption in PA firewall and inspect any traffic comi...

irshad.n by L1 Bithead
  • 3197 Views
  • 1 replies
  • 0 Likes

Skype on PAN 8.0

Hi Has anyone had issue with Skype on PAN 8? This week we needed to bypass decryption of *.skype.com to get Skype to work on the Apple iOS Skype app (consumer Skype). Our setup inspects all ssl traffic apart from the finance /banking / health categories. Thanks

Resolved! How to enable Ping on ISP interface with Dynamic IP?

Hi folks, As I continue my baby step learning, I am successfully using a PA-200 to access the internet from my internal clients.I am now trying to understand how to enable ping (at least temporarily) on my 1/1 Untrust-L3 interface. I like to be able to ping it from anywhere on the web for troubleshooting and learning purposes. I am following th...

ping1.jpg
ping2.jpg
ping3.jpg
OMatlock by L4 Transporter
  • 11076 Views
  • 4 replies
  • 0 Likes

Panorama - search and replace?

I'm kind of new to PaloAlto firewalls and I am looking for guidance on how to help with a little situation. As part of our migration, we had to create a bunch of security-zones that parallel what is on the system already. It was a cludgy, but functional work around. OK, so what I have now is zones like this: CorporatexxxxCorporate where "xxxx" ...

Failover (Active, Standby) 2 WAN Tunnel IPSEC

Hi All Expert,I have a small question to ask you.I have plan to use PA for this semester and try to find what PA can do.I have more than 10 Partners dial Site-to-Site VPN with me.One of 10 Partners have connection issue with my primary link, so PA will switchover to secondary link to serve VPN to that partner. Question:1. When PA switchover to s...

Change PAN Education Email Address

Hi All My current work email address is used to log in to support.paloaltonetworks.com (super user, can add/remove users, see all our assets etc). It is also linked (not sure how) to my PAN Education login/transcript via SSO. I will be leaving my current company at the end of this week and will obviouously be relinquishing my rights on the supp...

smichie by L0 Member
  • 1946 Views
  • 1 replies
  • 0 Likes

PAN for NSX 6.3 and vSphere 6.5

Does anyone know if NSX 6.3 and vSphere 6.3 are officially supported for PAN yet? I looked at the release notes for 7.0 and 7.1 and they are both stating vsphere 5.5/6.0 and NSX 6.2. I have a POC lab with NSX 6.3 and vSphere 6.5 that i was looking to integrate this on for customer demos.

plesogor by L0 Member
  • 1993 Views
  • 1 replies
  • 0 Likes

Resolved! Grant access to device with specific installed applications and captive portal for others

Hello, I would like to know if it was possible, and how, to grant access in the internal network (wired and wi-fi), on the basis of the presence of an application. In fact, I want to allow access to devices where spécific applications are installed, and redirect others to a captive portal for identification. Have you got any information tu set u...

  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks