This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Investigation of possible threats

My company has a PA3050.  I am new to this device.  It is currently setup to mirror/monitor port on current Cisco firewall.  The device is reporting that it is finding suspicous files and various other vulnerabilities.  There is concern that this is

...

phxcpv by L1 Bithead
  • 2561 Views
  • 6 replies
  • 0 Likes

copy production panorama policies to lab panorama

Hello Expert

 

I have Panorama VM and managing 6 LSYS on two different PA firewalls. I would like to export security rules from Panorama and import into another Panorama in my lab for policies testing. What type of configuration I need to export from P

...

Resolved! active/passive HA setup with existing production firewall

I have a second PA-500 I need to add to an existing production PA-500 for active/passive HA. I have read the admin guide for HA setup, but it appears to be for two pre-production firewalls. Are there any special precautions I need to take into accoun

...

Bvance by L2 Linker
  • 4126 Views
  • 3 replies
  • 0 Likes

Resolved! Applications for Internet web browsing?

Hello

 

I am not doing SSL decryption on PA, then all internet web-browsing would be boils down to SSL and web-browsing applications, right? So in security policy if I want to allow internet web browsing then allowing applications SSL and web-browsing

...

Resolved! unknown-tcp and web application

Hello Experts

 

Just want to know, 

 

1- If PA can not identify the web application then it will classify it as SSL/Web-browsing or unknown-tcp?

2- unknown-tcp and unkown-udp is only for client/server application?

 

Regards,

 

GR

User support on PA devices

Hi All,

 

Can I have an information how many users does PA-4060 PA-3020 PA-500 support for "normal" usage.

We have some deployment soon and we need this information.

 

Thank you in advance.

Ivan

ibogovic by L0 Member
  • 2400 Views
  • 4 replies
  • 0 Likes

Resolved! Custom Application and TAC

Hello 

 

Can I request to TAC to create custom application or I have to do by my self? I found this but I guest it is for public application not for internal.

http://researchcenter.paloaltonetworks.com/submit-an-application/

Resolved! Hardening the security rule for service ports

Hello Experts

 

In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I

...

Resolved! Configuration Management

Hi,

I have a further question:

I don't understand the configuration management yet.

The option "Revert to last saved configuration", what does that mean?

When is a configuration saved? Every time I commit ? Or only manually?

 

Maybe I have done changes on

...

MPI-AE by L4 Transporter
  • 2260 Views
  • 4 replies
  • 0 Likes

Route check on PA firewall - Longest match not there??

Hello Experts

 

 

I want to check which route is matching for some host IP like 10.155.7.33, so I can check the outgoing interface and destination zone for policy lookup. When I run the command “show routing route destination 10.155.7.33/32”, it is show

...

Resolved! Captive Portal - Source Untrust

Hi everyone, I have a Web Server and i want login users with a Captive Portal,

can I use the CP with Source Untrust to DMZ (where is my Web Server)?
its recommended?

Thanks a lot

Matt.

  • 23712 Posts
  • 104 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks