General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 882 Views
  • 1 replies
  • 8 Likes

Captive Portal to Internal Servers

I have a client that currently uses an ISA server to restrict access to back-end web servers.  The users authenticate at the ISA which then redirects to the back end web server.

Palo Alto firewalls were sold as replacing this authentication mechanism

...

QoS maximum number of interfaces???

I have a PA-3050 and I need to add more QoS interfaces...I receive a message that says "constraints failed: Maximum number of interfaces reached". I can't find any documentation that states there is a max. number of QoS interfaces...where is it? If t

...

mike_cc by Not applicable
  • 2495 Views
  • 3 replies
  • 0 Likes

Resolved! How to setup multiple IP Public address on PA-200

Hi,

We're facing an architecture where there are multiple address that needs to be used for a specific pool of IP from the LAN interface.

Let's supose that we have 3 IP PUBLIC address 10.X.X.2; 10.X.X.3 and 10.X.X.4 and the gateway has the IP 10.X.X.1

F

...

Resolved! No information showing up in Monitor->Logs->Traffic

Dealing with my first experience with Palo Alto Firewalls.  I am working with the vmware appliance version. I have two rules/policies current configured.  One allows all traffic outbound and the other allows only ms-rdp traffic inbound.  This is a la

...

RNutter by Not applicable
  • 2063 Views
  • 2 replies
  • 1 Likes

Resolved! Subinterface

Hello


I have a PA500 firmware version 6.0.7.


All interfaces are used, can I create a subinterface? I need to make a new segment. What is recommended to do that I need?


Thank you

Antivirus Security Profile Exception

I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is

...

JohnPa by L1 Bithead
  • 1616 Views
  • 2 replies
  • 0 Likes

Resolved! Server Certificate Verification Failed

Within the past couple of days I am starting to get reports from users that while trying to sign in with GlobalProtect they are receiving the following error:

Gateway X.X.X.X: Server certificate verification failed

No changes have been made on the PA.

...

mcocat by Not applicable
  • 8144 Views
  • 1 replies
  • 0 Likes

Resolved! Wildfire Double Ring - Perimetral Network External / Internal

Hello, :smileyinfo:

We have a double ring structure and we are trying to implement the most appropriate settings for the Wildfire, according to the scenario that we have.

-A Cluster 2 firewalls External *OUT*

  Model PA-500

  WildFire Version 52587-59292

...

SOC_CSG by L4 Transporter
  • 1787 Views
  • 2 replies
  • 0 Likes

block tor

Hi,

please tell me, how can i block tor in pa device,

i create a rule with tor and tor2web , i set action to block but it is still runnning , it block skype too

IS that normal

thank's in advance

Regards,

atelcom by L3 Networker
  • 4069 Views
  • 6 replies
  • 0 Likes

RIP over VPN tunnel

Will RIP run over a VPN tunnel? I have a site to site to site VPN tunnel set up and an IP address set on my tunnel interface. I can ping the remote tunnel interface but I do not see the remote tunnel interface as a peer under RIP.

source user showing as unknown in traffic monitor

Found an issue on a customer's firewall.  For some reason, the “source user” becomes unknown while students are using a web application called Istation.  When that happens, the web traffic for that IP address becomes blocked by another policy.  She w

...

485-2569 Dynamic Updates issue?

Anyone noting a large increase in triggering of following threat ID's after this Update (485-2569) was applied?

( threatid eq 36485 ) - OpenSSL SSL/TLS MITM vulnerability

( threatid eq 36420 ) - OpenSSL TLS Heartbeat Information Disclosure Vulnerabili

...

jar file blocked by Data Filtering

Hello together,

i have the problem that a jar-file would be blocked and categorized as a "Microsoft PE File". The PE Files are blocked by a "File Blocking Profile", thats okay, but jar files actually not blocked in that profile??? And i think this jar

...

ITSama by L2 Linker
  • 2736 Views
  • 3 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors