Did you know that you can help your fellow community members by accepting solutions when a reply answers your question Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature
...
I have a client that currently uses an ISA server to restrict access to back-end web servers. The users authenticate at the ISA which then redirects to the back end web server.
Palo Alto firewalls were sold as replacing this authentication mechanism
...
I have a PA-3050 and I need to add more QoS interfaces...I receive a message that says "constraints failed: Maximum number of interfaces reached". I can't find any documentation that states there is a max. number of QoS interfaces...where is it? If t
...
Hi,
We're facing an architecture where there are multiple address that needs to be used for a specific pool of IP from the LAN interface.
Let's supose that we have 3 IP PUBLIC address 10.X.X.2; 10.X.X.3 and 10.X.X.4 and the gateway has the IP 10.X.X.1
F
...
Dealing with my first experience with Palo Alto Firewalls. I am working with the vmware appliance version. I have two rules/policies current configured. One allows all traffic outbound and the other allows only ms-rdp traffic inbound. This is a la
...
Hello
I have a PA500 firmware version 6.0.7.
All interfaces are used, can I create a subinterface? I need to make a new segment. What is recommended to do that I need?
Thank you
I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is
...
Within the past couple of days I am starting to get reports from users that while trying to sign in with GlobalProtect they are receiving the following error:
Gateway X.X.X.X: Server certificate verification failed
No changes have been made on the PA.
...
I need to create a report of the number of users connector, but manager reports only allows me to order maximum 500 records, I need to create unlimited.
Hello, :smileyinfo:
We have a double ring structure and we are trying to implement the most appropriate settings for the Wildfire, according to the scenario that we have.
-A Cluster 2 firewalls External *OUT*
Model PA-500
WildFire Version 52587-59292
...
Hi,
please tell me, how can i block tor in pa device,
i create a rule with tor and tor2web , i set action to block but it is still runnning , it block skype too
IS that normal
thank's in advance
Regards,
Will RIP run over a VPN tunnel? I have a site to site to site VPN tunnel set up and an IP address set on my tunnel interface. I can ping the remote tunnel interface but I do not see the remote tunnel interface as a peer under RIP.
Found an issue on a customer's firewall. For some reason, the “source user” becomes unknown while students are using a web application called Istation. When that happens, the web traffic for that IP address becomes blocked by another policy. She w
...
Hi there,
we're experiencing a not-really fast connection establishment from the GlobalProtect client; with client cert and user credentials for authentication.
When the computer has been restarted it can take up to 25 seconds. A re-connect later takes
...
Anyone noting a large increase in triggering of following threat ID's after this Update (485-2569) was applied?
( threatid eq 36485 ) - OpenSSL SSL/TLS MITM vulnerability
( threatid eq 36420 ) - OpenSSL TLS Heartbeat Information Disclosure Vulnerabili
...
Hello together,
i have the problem that a jar-file would be blocked and categorized as a "Microsoft PE File". The PE Files are blocked by a "File Blocking Profile", thats okay, but jar files actually not blocked in that profile??? And i think this jar
...
TomYoung
on:
how can i create a PBF rule to send traffic to a http/https proxy?
TomYoung
on:
Confused about QoS on Palo, need some assistance.
TomYoung
on:
Static Port Address Translation question
TomYoung
on:
what is the cli command for checking last failover
reaper
on:
SSL inbound inspection certificate issue
TomYoung
on:
One Global Protect Portal and Two Global Protect Gateways in One Firewall
reaper
on:
password reset for user through support.paloaltonetworks.com
