This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 195 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 878 Views
  • 0 replies
  • 0 Likes

Statefull or not statefull

We recently purchase pa3020s for mainly application control reason and put them behind cisco ASAs.   I set up trust-to -untrust policy which applies to outbound internet traffic. I denied unwanted apps and allowed rest using user group mapping.   tha

...

awarsame by L1 Bithead
  • 7966 Views
  • 13 replies
  • 0 Likes

globalprotect client for android

I have the globalprotect client installed and working for pc's but I downloaded and installed the client on my android and it looks like it is trying to connect or is connecting then it pops up my username and password box again. I checked the traffi

...

jdprovine by L4 Transporter
  • 2826 Views
  • 5 replies
  • 0 Likes

Globalprotect vpn access permissions

I want to give different access permission to different group when they access the network using the globalprotect vpn client. I have it configured but its now allowing me to pick the specific group that I want the access for

jdprovine by L4 Transporter
  • 6663 Views
  • 9 replies
  • 0 Likes

URL Filter Question

Does PA not do DNS lookups on URL filtering?

We have an FQDN being blocked as malware, but the site can be accessed if the IP address is used.

thx

//moe

Firewall between host and gateway

Sorry if this is really basic but...

I have configuration where, we've added a gateway to a subnet that we only want one host to be able to access to get offsite.  The gateway is on the other side of a vwire in the same subnet space obviously but in a

...

epeeler by L2 Linker
  • 4296 Views
  • 6 replies
  • 1 Likes

Delay with User-ID and Captive Portal

HI,

This is only theoretical for me as I don't use captive portal (yet) but I noticed a problem.  I am successfully authenticating pretty much all my users, but quite often I see a few flows at the start of a user session which doesn't have a user-id.

...

djr by L4 Transporter
  • 3685 Views
  • 3 replies
  • 0 Likes

Resolved! create a any-ipv6 address object

Hey all,

Is it possible to create a any-ipv6 address object?
I tried with an object "::/0" (same syntax used to configure default route) but this seems to hit any-ipv4 address as well.

Tried this in PanOS6.0.10, PanOS6.1.3 and PanOS7.0.0.0b23

mr.linus by L4 Transporter
  • 5267 Views
  • 4 replies
  • 0 Likes

PA URL FILTERING UPDATES force to update the HA peer

Hi, i have 2 palo alto 2050 in HA (active/passive). The active HA has intenet acces in order to take the palo lato updates but the passive PA doesnt have access to internet. The problem is that the active PA has a URL version updated but the passive

...

SOC_CSG by L4 Transporter
  • 13211 Views
  • 12 replies
  • 0 Likes

Resolved! Questions about internal gateway

Hello everyone,

I have questions about global protect internal gateway.

1.

What difference are between tunnel mode and non tunnel mode on internal gateway?

Encrypted? or Something?

2.

If customer does not use external gateway, Can I set external gateway i

...

Webui cert for HA PA's

I am trying to assign a external cert to the webui so I don't get the warning message anymore? I imported my cert to the primary box and the setting did not fully synchronize to the passive box. I noticed there is an import and an import HA, do I hav

...

jdprovine by L4 Transporter
  • 5519 Views
  • 12 replies
  • 0 Likes

Resolved! Recommended Hardware for BranchOffices (PA-200 vs. PA-500)

Hi all,

We're evaluating new IT hardware for some small/mid-sized branch offices in Asia. If we compare the PA-200 and PA-500 (Link) we don't see a technical limitation when using PA-200s instead of PA-500s. Most branch offices don't have Internet con

...

oschuler by L4 Transporter
  • 2801 Views
  • 2 replies
  • 0 Likes
  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks