This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 2183 Views
  • 0 replies
  • 0 Likes

Resolved! How to bound an ACL to GP VPN client

Hello
i have a need to provide a contractor with VPN access to certain resource on internal network (let’s call them 10.20.1.0/24)

I have a working VPN GP/Portal and contractor can connect to VPN with no issue. But contractor is allowed to access all i

...

Routing via a new internet connection

We currently route all internet traffic out through an internet connection connected to Ethernet1/4 on out firewall. I have another Internet connection that I'm going to connect to Ethernet1/6, and I want fraffic from one of my VLANs on site to route

...

GC66 by L1 Bithead
  • 2319 Views
  • 1 replies
  • 0 Likes

Resolved! 7.01 and certs

I am looking for the article that says that you cannot upgrade directly to anything past 7.01 without breaking certs.

jdprovine by L4 Transporter
  • 2175 Views
  • 1 replies
  • 0 Likes

Resolved! Application: Incomplete

Hi,

 

Does anyone have a suggestion on how to create a rule to catch Application incomplete? Now that traffic hits the first policy that allows traffic on that service (port). And it clogs the logs when looking at that rule and what has passes through

...

mgusta by L2 Linker
  • 11879 Views
  • 7 replies
  • 0 Likes

Global Protect Portal Feature Request

Am I posting this in the right place?

 

 

I would like the ability to display available VPN gateways for my users based on AD group membership.

 

E.G. I have 4 available gateways:

 

gw1 - no AD group requirements

gw2 - no AD group requirements

gw3 - no AD gro

...

Disble GlobalProtect Agent on internal - corporte lan

Hi,

 

is it possible to disable the globalprotect agent autoconnect on the corporate lan ?

 

scenario:

-outside the corporate lan the vpn connection must be autoconnecting to the globalprotect portal to enforce webfiltering etc..

- inside the corporate lan

...

edv by L0 Member
  • 1964 Views
  • 2 replies
  • 0 Likes

"Facebook-apps" And "Facebook Chat" block

 

Hi all,

 

Appreciate if you can guide me to block facebook-apps and facebook-chat in Palo Alto but allow other facebook features. I already implemented it in Application layer but failed, is there something i am missed? I am using PA-3020 and 7.0.3 ve

...

Service route destination option

What is the purpose of adding destination in service route?

We have a default gateway in management interface config and we also have specific route in vr so why we need it?

hrsingh by L0 Member
  • 3463 Views
  • 5 replies
  • 0 Likes

NAT after Proxy

Hi

 

I have to set up a PA-200 as a NAT.  That it self would not be the problem but between the PA-200 and the modem is a Proxy. I have no information about that proxy. The only information i have about the network is the IP settings given by DHCP. Is

...

Tiesto by L0 Member
  • 2182 Views
  • 1 replies
  • 0 Likes

Resolved! How to block www.youtube.com completely

 

Dear All,

 

Appreciate if you can advise how to block www.youtube.com completely. I have try using URL-Filtering and application layer level but still failed. I am using PA-3020 OS version 7.0.3

 

 

Imran

Resolved! arp not found

Yesterday I attempted to move our Internet connection from a copper interface on ethernet1/1 to fiber optic on ethernet 1/13 on a Palo Alto 3020. 

 

I ensured both interfaces were members of the  same security zone and modified the Default route of def

...

Resolved! Reduced bandwidth after 7.1.2 upgrade

After the upgrade to 7.1.2, I've notice that my bandwidth has reduced by 80% over a Metro E Gig connect. Any one else seen this problem or has a resolution for it?

 

ITICID by L1 Bithead
  • 4843 Views
  • 5 replies
  • 0 Likes

Resolved! RADIUS authentication: MS-CHAP v2?

Currently, my PA-3050 devices (PAN-OS 6.1.12) utilize RADIUS authentication.  I know that this uses the completely unencrypted PAP protocol.

 

I have asked PAN about MS-CHAP v2 support in the past and was told that the device must be placed into FIPS m

...

  • 24253 Posts
  • 119 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks