General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Application: Incomplete

Hi,

 

Does anyone have a suggestion on how to create a rule to catch Application incomplete? Now that traffic hits the first policy that allows traffic on that service (port). And it clogs the logs when looking at that rule and what has passes through

...

mgusta by L2 Linker
  • 9393 Views
  • 7 replies
  • 0 Likes

Global Protect Portal Feature Request

Am I posting this in the right place?

 

 

I would like the ability to display available VPN gateways for my users based on AD group membership.

 

E.G. I have 4 available gateways:

 

gw1 - no AD group requirements

gw2 - no AD group requirements

gw3 - no AD gro

...

Disble GlobalProtect Agent on internal - corporte lan

Hi,

 

is it possible to disable the globalprotect agent autoconnect on the corporate lan ?

 

scenario:

-outside the corporate lan the vpn connection must be autoconnecting to the globalprotect portal to enforce webfiltering etc..

- inside the corporate lan

...

edv by L0 Member
  • 1479 Views
  • 2 replies
  • 0 Likes

"Facebook-apps" And "Facebook Chat" block

 

Hi all,

 

Appreciate if you can guide me to block facebook-apps and facebook-chat in Palo Alto but allow other facebook features. I already implemented it in Application layer but failed, is there something i am missed? I am using PA-3020 and 7.0.3 ve

...

Service route destination option

What is the purpose of adding destination in service route?

We have a default gateway in management interface config and we also have specific route in vr so why we need it?

hrsingh by L0 Member
  • 2646 Views
  • 5 replies
  • 0 Likes

NAT after Proxy

Hi

 

I have to set up a PA-200 as a NAT.  That it self would not be the problem but between the PA-200 and the modem is a Proxy. I have no information about that proxy. The only information i have about the network is the IP settings given by DHCP. Is

...

Tiesto by L0 Member
  • 1749 Views
  • 1 replies
  • 0 Likes

XAuth RSA stopped working.

Hey,

 

So recently my XAuth RSA connection to my Global Protect via my Android phone stopped working.

 

I've already read the fourm post about Version 7.1.1 but I have not updated to that version yet and am still on 7.0.6.

 

I haven't made any changes (at

...

Zewwy by L3 Networker
  • 1325 Views
  • 0 replies
  • 0 Likes

Resolved! How to block www.youtube.com completely

 

Dear All,

 

Appreciate if you can advise how to block www.youtube.com completely. I have try using URL-Filtering and application layer level but still failed. I am using PA-3020 OS version 7.0.3

 

 

Imran

Resolved! arp not found

Yesterday I attempted to move our Internet connection from a copper interface on ethernet1/1 to fiber optic on ethernet 1/13 on a Palo Alto 3020. 

 

I ensured both interfaces were members of the  same security zone and modified the Default route of def

...

Resolved! Reduced bandwidth after 7.1.2 upgrade

After the upgrade to 7.1.2, I've notice that my bandwidth has reduced by 80% over a Metro E Gig connect. Any one else seen this problem or has a resolution for it?

 

ITICID by L1 Bithead
  • 3779 Views
  • 5 replies
  • 0 Likes

Resolved! RADIUS authentication: MS-CHAP v2?

Currently, my PA-3050 devices (PAN-OS 6.1.12) utilize RADIUS authentication.  I know that this uses the completely unencrypted PAP protocol.

 

I have asked PAN about MS-CHAP v2 support in the past and was told that the device must be placed into FIPS m

...

Multi AD Account login - Captive Portal

Hi,

 

Can we limit the login per account using Active Directory as an authentication profile at Palo Alto Captive Portal? I believe by default, you can login using a single AD account with multiple devices.

Error with PDF Reports

when i do a test email for the email profile it successfully delivers the email. however in my system logs I get this error. 

 

"failed to email pdf reports to #####@#####.com for email profile #####"

 

any ideas?

alkajazz by L0 Member
  • 1501 Views
  • 1 replies
  • 0 Likes
  • 24185 Posts
  • 101 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels