General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 667 Views
  • 0 replies
  • 0 Likes

Resolved! active/passive HA setup with existing production firewall

I have a second PA-500 I need to add to an existing production PA-500 for active/passive HA. I have read the admin guide for HA setup, but it appears to be for two pre-production firewalls. Are there any special precautions I need to take into accoun

...

Bvance by L2 Linker
  • 4957 Views
  • 3 replies
  • 0 Likes

Resolved! Applications for Internet web browsing?

Hello

 

I am not doing SSL decryption on PA, then all internet web-browsing would be boils down to SSL and web-browsing applications, right? So in security policy if I want to allow internet web browsing then allowing applications SSL and web-browsing

...

Resolved! unknown-tcp and web application

Hello Experts

 

Just want to know, 

 

1- If PA can not identify the web application then it will classify it as SSL/Web-browsing or unknown-tcp?

2- unknown-tcp and unkown-udp is only for client/server application?

 

Regards,

 

GR

ghostrider by L4 Transporter
  • 10357 Views
  • 11 replies
  • 0 Likes

User support on PA devices

Hi All,

 

Can I have an information how many users does PA-4060 PA-3020 PA-500 support for "normal" usage.

We have some deployment soon and we need this information.

 

Thank you in advance.

Ivan

ibogovic by L0 Member
  • 2869 Views
  • 4 replies
  • 0 Likes

Resolved! Custom Application and TAC

Hello 

 

Can I request to TAC to create custom application or I have to do by my self? I found this but I guest it is for public application not for internal.

http://researchcenter.paloaltonetworks.com/submit-an-application/

Resolved! Hardening the security rule for service ports

Hello Experts

 

In my firewall configuration, many security rules have specific application but service ANY. I would like to harden service part as well. Once I veiw the logs for particular security rule to check service ports, there are many pages, I

...

Resolved! Configuration Management

Hi,

I have a further question:

I don't understand the configuration management yet.

The option "Revert to last saved configuration", what does that mean?

When is a configuration saved? Every time I commit ? Or only manually?

 

Maybe I have done changes on

...

MPI-AE by L4 Transporter
  • 2842 Views
  • 4 replies
  • 0 Likes

Route check on PA firewall - Longest match not there??

Hello Experts

 

 

I want to check which route is matching for some host IP like 10.155.7.33, so I can check the outgoing interface and destination zone for policy lookup. When I run the command “show routing route destination 10.155.7.33/32”, it is show

...

Resolved! Captive Portal - Source Untrust

Hi everyone, I have a Web Server and i want login users with a Captive Portal,

can I use the CP with Source Untrust to DMZ (where is my Web Server)?
its recommended?

Thanks a lot

Matt.

MineMeld - CSV input feature

Hi all,

 

Firstly, great work on MineMeld - it is fantastic!!! I have it working great for dynamic IP lists and AF export lists, but our customer would like to import Indicators from CSV. It doesn't look possible with current class/prototypes. Any su

...

tkirk by L1 Bithead
  • 19170 Views
  • 14 replies
  • 0 Likes

User ID agent

Hello, 

 

I am integrating User ID agent on a multi domain invironment. 

I have around 14000 users total. What are the System requirements to spin a VM machine where I will install the User ID agent.

to be specific, my client is asking what is the amount

...

Kaliman by L2 Linker
  • 1715 Views
  • 1 replies
  • 0 Likes
  • 24114 Posts
  • 117 Subscriptions
Top Solution Authors
Labels