General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 385 Views
  • 0 replies
  • 0 Likes

Resolved! active/passive HA setup with existing production firewall

I have a second PA-500 I need to add to an existing production PA-500 for active/passive HA. I have read the admin guide for HA setup, but it appears to be for two pre-production firewalls. Are there any special precautions I need to take into accoun

...

Bvance by L2 Linker
  • 4681 Views
  • 3 replies
  • 0 Likes

Resolved! Applications for Internet web browsing?

Hello

 

I am not doing SSL decryption on PA, then all internet web-browsing would be boils down to SSL and web-browsing applications, right? So in security policy if I want to allow internet web browsing then allowing applications SSL and web-browsing

...

Resolved! unknown-tcp and web application

Hello Experts

 

Just want to know, 

 

1- If PA can not identify the web application then it will classify it as SSL/Web-browsing or unknown-tcp?

2- unknown-tcp and unkown-udp is only for client/server application?

 

Regards,

 

GR

User support on PA devices

Hi All,

 

Can I have an information how many users does PA-4060 PA-3020 PA-500 support for "normal" usage.

We have some deployment soon and we need this information.

 

Thank you in advance.

Ivan

ibogovic by L0 Member
  • 2636 Views
  • 4 replies
  • 0 Likes

Resolved! Custom Application and TAC

Hello 

 

Can I request to TAC to create custom application or I have to do by my self? I found this but I guest it is for public application not for internal.

http://researchcenter.paloaltonetworks.com/submit-an-application/

Resolved! Hardening the security rule for service ports

Hello Experts

 

In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I

...

Resolved! Configuration Management

Hi,

I have a further question:

I don't understand the configuration management yet.

The option "Revert to last saved configuration", what does that mean?

When is a configuration saved? Every time I commit ? Or only manually?

 

Maybe I have done changes on

...

MPI-AE by L4 Transporter
  • 2613 Views
  • 4 replies
  • 0 Likes

Route check on PA firewall - Longest match not there??

Hello Experts

 

 

I want to check which route is matching for some host IP like 10.155.7.33, so I can check the outgoing interface and destination zone for policy lookup. When I run the command “show routing route destination 10.155.7.33/32”, it is show

...

Resolved! Captive Portal - Source Untrust

Hi everyone, I have a Web Server and i want login users with a Captive Portal,

can I use the CP with Source Untrust to DMZ (where is my Web Server)?
its recommended?

Thanks a lot

Matt.

MineMeld - CSV input feature

Hi all,

 

Firstly, great work on MineMeld - it is fantastic!!! I have it working great for dynamic IP lists and AF export lists, but our customer would like to import Indicators from CSV. It doesn't look possible with current class/prototypes. Any su

...

tkirk by L1 Bithead
  • 18315 Views
  • 14 replies
  • 0 Likes

User ID agent

Hello, 

 

I am integrating User ID agent on a multi domain invironment. 

I have around 14000 users total. What are the System requirements to spin a VM machine where I will install the User ID agent.

to be specific, my client is asking what is the amount

...

Kaliman by L2 Linker
  • 1613 Views
  • 1 replies
  • 0 Likes
  • 23840 Posts
  • 112 Subscriptions
Labels