This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4479 Views
  • 0 replies
  • 0 Likes

Multiple GlobalProtect gateways on same firewall- ASA to Palo migration

Hello there, I am working on a migration- ASA to Palo. ASA has muliple remote access vpn's setup - all terminating on outside interface ip address. For example, a RA vpn for employees - authenticating against AD, another for contractors- user accounts created locally on ASA. The IP Pool is different in call instances. Now, I want to create a...

Sushilc by L0 Member
  • 4021 Views
  • 2 replies
  • 1 Likes

Resolved! Change severity of updates - email warnings

Hello, Does anyone know if itis possible to change the severity of some email alerts? Like I don't know why saying app&threats/wildfire is updating every 15 minutes is categorised as severity "high".. Kr,Arne

Arne-VDH by L3 Networker
  • 4885 Views
  • 3 replies
  • 2 Likes

Can't Block Youtube on PAN 7.1.0

Hi Team, I user PAN OS 7.1.0 and now i CAN'T block youtube although i try using both application and url to block. 1, Block by Application I created a rule to block YouTube-base I still view video on youtube normal In log traffic, i see Palo Alto Blocked Youtube-base application But i think, traffic from youtube go through SSL and...

rule_youtube.png
Screenshot_2.png
Screenshot_5.png
Screenshot_7.png
dat.tran by L2 Linker
  • 4085 Views
  • 2 replies
  • 0 Likes

Release notes

Is there a good way to review you firewall against the release notes of the upgrades that you are considering? I have been reading them and in order to avoid issues moving to 7.06 (TACS recommended most stable version) I should do an intermediate of 7.01 because of cert issues that would be caused by going directly to 7.06 from 6.1.11

jdprovine by L4 Transporter
  • 3357 Views
  • 3 replies
  • 0 Likes

Resolved! ping between server is not working

Hi, I have created a rule to allow ping between to and fro from servers below is the scenario source zone: A, B, C Source IP: 1 , 2 , 3 Destination zone: A, B, C Destination IP: 1, 2, 3 Application: Ping Service: application-default action: Allow But the rule is not triggering, the traffic is denied due to dafault deny... can anyboady tell...

PA-200 - Passing traffic through multiple ISP links

I have a Palo Alto PA-200 and the setup I'm trying to configure is as below. I'm using "Fiber1" and "Fiber2" for Internet purpose. These 2 links are connected to firewall via a trunk port.The ADSL links and the "LankaCom" link in the right are using for mail purpose only. These 3 links are also connected to the firewall via a trunk portSub-I...

Internal Network1.jpg

Native RADIUS accounting, a welcome feature

This week i was asked to configure radius accounting as a source for user-ip mapping. I was very surprised to see that this is not nativly supported. In lots of ways it is the one of the nicer ways to be able to get user-ip mappings. And as other vendors do have this implemented i assumed PA would surly have it as well... Even though there are w...

Resolved! Unable to Create Encryption Setting

Hello Community, Can someone please tell me why when ever I try create an Encryption setting aes256, as shown in the image, it defaults to aes-128-cbc I'm run PA-VM software version 7.0.6 Thank you Carlton

aes256.png
aes128cbc.png

Getting Started: Layer 2 Interfaces

I have installed a VM-100 and was able to configure the management interface. When I go under the network tab all interfaces are showing as down. How do I get an interface to go into an up state?

Resolved! Google QUIC traffic blocked?

We're getting a lot of blocked traffic on UDP port 80 and 443. From looking into it this is Google's new QUIC protocol over Chrome. What is everyone else doing in this case? I'd prefer not to allow all UDP traffic over port 80 & 443. Any chance off an App-ID for this?

pmc by L2 Linker
  • 11967 Views
  • 5 replies
  • 1 Likes

Unexpected proxy ARP from NAT policy

Hi there, I had an interesting go round with PAN support involving proxy ARP and source NAT. Background: I don’t use the PAN for public ingress/egress traffic, for me it is for internal DMZs only. As such, I’ve not had the opportunity to utilize the NAT policy features. Things do change however and now I’m at a place where I plan on using t...

msullivan by L3 Networker
  • 5702 Views
  • 2 replies
  • 2 Likes

Licensing Costs

Hello Community, Can someone give me a general guide as to license costs. For example, if I wanted purchase, URL Filtering license or Antivirus or Anti-spyware license for a year, how much would that cost me as an individual as opposed to a corporation or a business? Thanks

Global Protect's lack of connection profiles is making everyone at my company very sad

We're in a situation where we have mutliple PA firewalls deployed and many of them have their own GP SSL VPN set up (e.g. Manangement range, lab, severeal different customer "islands"). The lack of "connection profiles" within the GP Client is a real pain point for us. We've talked to our client reps about this several times, including making ...

melliott by L1 Bithead
  • 8587 Views
  • 5 replies
  • 4 Likes

Resolved! Anti-virus Block Option Not Available

Hello Community, I would like to set an Antivirus action to 'Block', but for some reason that option isn't available, see image. However, it has been available on my other PA-VM. Can someone explain why I can't see that option here?

block.png
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks