This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Published MS subnet as unknown category

Hello, how can a subnet published there: http://www.cgoosen.com/latest-office-365-ip-address-changes/ can end up "unknown" ? 132.245.193.37 got blocked, no more Skype video calls (ouch). Thanks for adding all networks listed at the above URL to computer-and-internet-info.

Chromebook and GlobalProtect VPN

Does anyone know if the Chrome book supports the GlobalProtect VPN client? I have some staff interested in purchasing them but VPN access will be required and I have no way to test it.Thank you,

parkerbc by Not applicable
  • 4862 Views
  • 2 replies
  • 0 Likes

Redirects for YouTube with Safe Search Enforcement

I have been working to enable Safe Search Enforcement for all of our users, but was having issues due YouTube being blocked. Since I couldn't find a solution anywhere else, I created a bit of code to update the user's cookies to put YouTube into Restricted Mode and send them along their way - basically with the following code: var expiration...

edavis33 by L1 Bithead
  • 3796 Views
  • 2 replies
  • 0 Likes

Blocking Facebook-Video

I've found two past posts on this topic, but nothing really only these lines. *I've recently opened a ticket on this but was curious if anyone else has had this problem or been successful at doing so* Has anyone actually been successful in blocking just "Facebook Videos" with every other functionality working using only the Facebook-Video ap...

Static Route ECMP Monitoring upstream

Hi All, Probably a quick question. I am attempting to implement ECMP with two static routes. Such as: ECMP on e1/1 = 192.168.255.9/29 route 10.0.0.0 255.255.255.0 192.168.255.11 route 10.0.0.0 255.255.255.0 192.168.255.12 My question is, if 192.168.255.11 is unavailble, will the PAN remove that route as a vaiable route? Or do I have to us...

Resolved! Multiple Captive Portal

Hi, We are catering Palo Alto to different schools. Is there a way or is it possible for Palo Alto to have different captive portal page per school? Example, school A will have different design of captive portal and school B will have another design. Hope you can help me on this. Thanks, MBS

Permit or Block Traffic based on Path within URL

Is there a way to block or permit traffic based on the path in a URL through custom URL Categories or any other means Palo Alto has? I have found you can filter based on domain and sub domain. however, when i try to specify the path after the domain my security rule never gets hit. Here is a scenario, we would like to permit all web traffic to w...

Response Page on Internet Zone

Hello Community, our customer has a Cluster of PA-3020 with PANOS 7.0.2. We have enabled Application Block Page and the Internal users can view it properly. Customer has a rule to permit Web-browsing traffic from Internet to DMZ. When users try to show the web page published by the server on the rule, he view the Application Block Page that...

image001.png

Resolved! X-Forwarded-For on Traffic and Threats logs

Hi Community, I wanted to know if you are able to see the IP of XFF on the Traffic and Threats logs. Do you know if there are any configuration to enable it or if it will be supported on the next releases? Thanks in advance. Jacopo.

XML API

hi , i enter follow . but occurs error (Malformed Request) https://10.21.63.99/api/?type=config&action=set&xpath=/config/devices/entry[@name=%27localhost.localdomain%27]/vsys/entry[@name=%27vsys1%27]/rulebase/security/rules/entry[@name=%27rule1%27]&element=%3Csource%3E%3Cmember%3E12.12.12.1%3C/member%3E%3C/source%3E%3Cdestination%3E%...

PAN could generate system log about max session and cps?

Hi.I want to know about system log.When Max Session fully exhausted, system log could be generated?When CPS limit reached, system log could be generated?PANOS 5.0 could generated a system log for high DP CPU. I want to know description of system log when high DP CPU event be occurred Thanks.Regards

Roh1 by Not applicable
  • 3798 Views
  • 3 replies
  • 0 Likes

Resolved! Bottom Custom Reports

So PAN systems come with a lot of awesome custom report options, but I want to find policies that aren't being used very much, perhaps let's say 0 hits in 7 days. I'm attempting to do this in a much more simplistic and preferable-to-read fashion by sorting by count and grouping by rule. The issue is that I cannot sort by count ascending, everyth...

question for block amazonaws

Hi I recently got many amazonaws.com IPs listed in my attacker list from my daily report as below. How do I block all traffic from amazonaws, and I cannot find it from my traffic monitor and why? Please give me some hints? 52.5.42.249 ec2-52-5-42-249.compute-1.amazonaws.com 1054.85.146.141 ec2-54-85-146-141.compute-1.amazonaws.com 952.91.113.8...

Bin by L1 Bithead
  • 5230 Views
  • 2 replies
  • 0 Likes

How to generate SNMP Trap for testing purposes on PAN OS?

Hello I'm on PAN OS 6.1.8 and I try to test my reporting/alerting system. Is it a way to generate trap from PAN os from CLI/GUI? P.S. This doc https://live.paloaltonetworks.com/t5/Configuration-Articles/SNMP-Trap-for-Port-or-Link-status/ta-p/56280 is realy outdated but still searchable. It also doesnt have info of PAN os. Regards Slawek

_slv_ by L4 Transporter
  • 4413 Views
  • 1 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks