This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1365 Views
  • 0 replies
  • 0 Likes

Resolved! Egress/Ingress difference for QoS

Hi Everyone,

 

My internal network (trust zone) operates at 1Gb speeds and the connectivity with ISP (untrust) is at 100Mb. I am in the process of setting up SIP QoS but am a little confused as to how I should manage the inconsistences between the IS

...

max session count in a month

Hi All,

          I want to find maxmimum session count reached in the past month. Now the PA device is not live, so i cannot find the current/live session count from the dashboard.

 

Under monitor > App Scope > network monitor i can get the traffice

...

session count for 30days.jpg
Gururaj by L4 Transporter
  • 9353 Views
  • 4 replies
  • 1 Likes

Resolved! PBR/NAT mechanics

Good morning everyone,

 

I have a weird issue that I think is related to how PBR or NAT works and/or something we need to program differently on our Palo Alto. I’ll try to explain our setup and the issue that occurred.

 

We have our main circuit that

...

ClintL by L2 Linker
  • 3774 Views
  • 2 replies
  • 0 Likes

VPN Global Protect certificate error

Hello,

I have a big problem with self signed certificate in my PAN. I use GP 2.3.0 version.

 

I install two certificates in two computers. One of them are connect to the VPN correctly but other display window with "Server Certificate Error" Error det

...

ITBT by L1 Bithead
  • 23758 Views
  • 2 replies
  • 0 Likes

Resolved! SSL Decryption

With SSL Decryption it is recomended that Financial services & Medical category is not decrypted.

My question is how do you ensure that sites that should not be decrypted are not i.e. JP Morgan is clearly a Financial services and will not get decrypt

...

RC-BHF by L2 Linker
  • 2945 Views
  • 2 replies
  • 0 Likes

idle traffic sessions

I know that you set timeout for global protecte sessions that go idle but can you set other idle traffic to time out?

jdprovine by L4 Transporter
  • 4663 Views
  • 7 replies
  • 0 Likes

Resolved! Block ms-update for GlobalProtect sessions?

Hi all -- 

 

Lately, with the Win10 release, I'm finding many of my VPN users are downloading gigs of updates over my meager 10mbps company internet cxn.  I'm wondering if there is any way to block specific services/applications (ie.- ms-update) over

...

thatguy by L2 Linker
  • 3222 Views
  • 3 replies
  • 0 Likes

Resolved! Pull Info on Specific GlobalProtect User

Is there a way to pull information on a specific user connected on globalprotect throught the CLI?

 

I know the command:

show global-protect-gateway current-user

pulls all the users in... but what about just for a single user?

 

Thanks.

mmclimans by L3 Networker
  • 2578 Views
  • 1 replies
  • 0 Likes

Resolved! Uptick in RFC2397 Data URL Scheme Usage Detected (30419) ?

Before I go on a wild goose chase, has anyone seen an increase in threat 30419 (RFC2397 Data URL Scheme Usage Detected)?

 

It seems like these things trip for a while until PA figures out someone's using something novel in a new App. A new application

...

MCmgt by L2 Linker
  • 5513 Views
  • 7 replies
  • 0 Likes

QoS Implementation for Voice Traffic

We are looking to implement QoS on our Palo Alto device for our voice traffic. We are currently tagging voice traffic with DSCP 46(ef). This is done at the source using Windows group policy to tag all traffic that originates from application "lync....

VLAN taggin Wireless traffic

I have a Wireless Access Point with multiple SSID's configured connected to a PA-200 on the interface ethernet2 (vlan).

 

The PA config is setup as per https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-Up-the-PA-200-for-Home-and-Sma

...

Resolved! Device Group Hierarchy and Template Stacks in 7.x

Howdy all!  I am really curious about Device Group Hierarchy and Template Stacks in 7.x.  There could be incredible value in utilizing these features in my environment.  The biggest question I have is:  Does Panorama AND the target firewall BOTH have

...

  • 24184 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks