This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Pan FWs running in AWS, auto scaling, load balancing etc.

I am looking at spinning up a set of PAN infra in AWS and I want to know if there are any landmines out there regarding the design and how it functions. Specifically, I want to use these instances as GP gateways and I want to be able to load balance clients coming into this infra and then auto-scale the instances as needed. Anyone done this?

danecott by L1 Bithead
  • 1991 Views
  • 1 replies
  • 0 Likes

Resolved! Globalprotect Client 3.0.2 popup notifications disconnected every 20 sec

We updated our GlobalProtect Client to version 3.0.2. Since we updated the client and the people are internal in HQ (so ne vpn needed) they get a popup message every 20 sec "Disconnected". They don't have this problem when they are outside HQ and the VPN tunnel has been setup. When they disable the notification and the computer gets restarted th...

ZEBIT by L3 Networker
  • 6993 Views
  • 3 replies
  • 0 Likes

Global Protect Portal Feature Request

Am I posting this in the right place? I would like the ability to display available VPN gateways for my users based on AD group membership. E.G. I have 4 available gateways: gw1 - no AD group requirementsgw2 - no AD group requirementsgw3 - no AD group requirementsgw4 - Only visible to those that are the memberOf VPN_gw4

Disble GlobalProtect Agent on internal - corporte lan

Hi, is it possible to disable the globalprotect agent autoconnect on the corporate lan ? scenario:-outside the corporate lan the vpn connection must be autoconnecting to the globalprotect portal to enforce webfiltering etc..- inside the corporate lan, the vpn connection should be disabled. is there any option / advice ? thanks

edv by L0 Member
  • 2060 Views
  • 2 replies
  • 0 Likes

"Facebook-apps" And "Facebook Chat" block

Hi all, Appreciate if you can guide me to block facebook-apps and facebook-chat in Palo Alto but allow other facebook features. I already implemented it in Application layer but failed, is there something i am missed? I am using PA-3020 and 7.0.3 version. Application Version : 591-3403 (06/25/16)

Service route destination option

What is the purpose of adding destination in service route?We have a default gateway in management interface config and we also have specific route in vr so why we need it?

hrsingh by L0 Member
  • 3665 Views
  • 5 replies
  • 0 Likes

NAT after Proxy

Hi I have to set up a PA-200 as a NAT. That it self would not be the problem but between the PA-200 and the modem is a Proxy. I have no information about that proxy. The only information i have about the network is the IP settings given by DHCP. Is it somehow possible to setup the NAT with just that information and no change to the existing net...

Tiesto by L0 Member
  • 2277 Views
  • 1 replies
  • 0 Likes

Resolved! How to block www.youtube.com completely

Dear All, Appreciate if you can advise how to block www.youtube.com completely. I have try using URL-Filtering and application layer level but still failed. I am using PA-3020 OS version 7.0.3 Imran

Resolved! arp not found

Yesterday I attempted to move our Internet connection from a copper interface on ethernet1/1 to fiber optic on ethernet 1/13 on a Palo Alto 3020. I ensured both interfaces were members of the same security zone and modified the Default route of default-vr to use ethernet 1/13 instead of 1/1. While I and the NOC technician confirmed the fiber p...

Resolved! Reduced bandwidth after 7.1.2 upgrade

After the upgrade to 7.1.2, I've notice that my bandwidth has reduced by 80% over a Metro E Gig connect. Any one else seen this problem or has a resolution for it?

ITICID by L1 Bithead
  • 5128 Views
  • 5 replies
  • 0 Likes

Resolved! RADIUS authentication: MS-CHAP v2?

Currently, my PA-3050 devices (PAN-OS 6.1.12) utilize RADIUS authentication. I know that this uses the completely unencrypted PAP protocol. I have asked PAN about MS-CHAP v2 support in the past and was told that the device must be placed into FIPS mode in order to gain the ability to do RADIUS authentication over MS-CHAP v2, but by putting a de...

Multi AD Account login - Captive Portal

Hi, Can we limit the login per account using Active Directory as an authentication profile at Palo Alto Captive Portal? I believe by default, you can login using a single AD account with multiple devices.

Error with PDF Reports

when i do a test email for the email profile it successfully delivers the email. however in my system logs I get this error. "failed to email pdf reports to #####@#####.com for email profile #####" any ideas?

alkajazz by L0 Member
  • 1960 Views
  • 1 replies
  • 0 Likes

Resolved! User based ssl decryption

Hi, I try to test ssl forward proxy decryption. It works fine if I use IP address as a source but if I use Users(domain) as a source it doesn't work. I can't use IP's for testing because our IP's floating. What I need to check in configuration? Toni

ToniE by L2 Linker
  • 8335 Views
  • 12 replies
  • 0 Likes

Resolved! GlobalProtect 3.0.2 setting VPN DNS on WiFi adapter

Hi, I'm having a single client, running Windows 10 Pro, that we're having issues with.When the user connects to their network at home, they are unable to connect to VPN, and it seems like the issues is caused by GlobalProtect setting the WiFi adapter's DNS-address to that of the VPN proxy DNS. I have tried against mobile hotspots, and the same i...

arvesynd by L3 Networker
  • 11330 Views
  • 8 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks