General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Slowness over VPN

I just modified a PA-200 in our remote office to use two internet connections and two VPN connections for fail-over. The tunnels are up and are passing traffic fine for me, however users in that office are complaining about slowness over the VPN. The

...

Resolved! IKE phase 2 negotiation fail

Hi,

I'm having a hard time bringing up a VPN tunnel from my PA-5020 to a Cisco firewall.  I'm getting the following:

'IKE phase-2 negotiation failed when processing proxy ID. cannot find matching phase-2 tunnel for received proxy ID. received local id:

...

przyboro by L1 Bithead
  • 2554 Views
  • 3 replies
  • 0 Likes

Resolved! Application Dependency


Hello

We currently block access to Scribd for our employees. We now want to allow Scribd and I was looking through the Applipedia and noticed "scribd-base" but it also has dependencies of "web-browsing" and ssl". If I add those dependencies will they

...

RyanA. by L0 Member
  • 2639 Views
  • 4 replies
  • 0 Likes

App dependencies - that's creazy!!

Hello

Today I have to add MS Lync to be allowed from VPN. Sound simple.

So I add to security rule ms-lync

.

but during commit I get warnings:

ok, I added ms-lync-online but I get another warning:

DO I really need to add every particular aplication by hands

...

_slv_ by L4 Transporter
  • 3283 Views
  • 12 replies
  • 1 Likes

Any good solutions to rewrite url-requests?

I know that there have been several threads dealing with forcing google safe search and a few people have mentioned that one can force traffic through a proxy using policy based forwarding.  One popular suggestion was using Squidguard to rewrite urls

...

Virtual wire for two different VLANs!

Hi,

I wanted to apply a virtual wire between two sub-interfaces 1.10 and 2.20, which are basically in two different VLAN ID (10 and 20), but I'm getting an error saying that sub-interfaces cannot have interfaces with different VLAN (10/20).

Is this the

...

Besfort by L2 Linker
  • 4144 Views
  • 7 replies
  • 0 Likes

First official Cyvera thread

So has anyone heard anything more about Cyvera? The fact that PA bought out Cyvera is in the news now and was announced at Ignite, so I'm reasonably sure it's ok to talk about here.

Anyone have any news on what's going on? What the integration with PA

...

Url time report

Is there any way to generate a report that informs how long the users are getting on the Internet, and also what were the biggest downloads, starting from the custom report ?

Resolved! URL Category "any"

Hi,

I'm configuring my new PA3020. It is my first experience with the device and so far things seem to be going well. Here is my setup:

PA3020 positioned between current firewall and core switch in TAP mode.

URL Filtering license installed.

My question i

...

charger by L2 Linker
  • 2330 Views
  • 6 replies
  • 0 Likes

Resolved! Block internet access using Opera Mini

Hi Gents,

I would like to configure palo Alto to block internet access via opera web browsers, as this browser can bypass my web-filter.

my Palo Alto License is only for Antivirus, Anti-Spyware, and Anti Vulnerability.

Regards,

Incomplete Application

What does it mean when it saw the application is incomplete or insufficient data?  But the action is to allow it? I assume the traffic in and out for this unknow app and IP address has been allowed
 
 
 
 
 
 
 
 






 
 
 
 
 
 
 
 
 
 





infotech by L4 Transporter
  • 4650 Views
  • 21 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors