This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

Allow Office 365 not getting desired results...

Hei,We recently moved over to a full O365 solution and I am trying to customise the ruleset to Allow for O365 traffic when all other traffic is blocked. Unfortunately I have hit a wall and cannot seem to get the application to be allowed. I am hoping one of you can point out what I have done wrong and how to correct it. I have used Addresses (wi...

Decryption and Certificate Questions

Hello Pros,I would like to set up decryption for all traffic/devices accessing the internet. This will include smartphones and all sorts of devices. I would like to set it up in a way where each user is not forced to install a certificate before the device trusts the certificate. 1. If I create a certificate on the Palo and mark it 'Forward T...

Bocsa by L3 Networker
  • 7922 Views
  • 7 replies
  • 0 Likes

TIP: LDAP Group Mappings in a mixed 6.x and 7.x environment with Panorama

All, I thought I would share a quick tip for those people that may be considering upgrading from 6.x to 7.x in an environment where you are using Panorama. In PAN-OS 7.x, the information of your Active Directory domain has been moved from the LDAP settings to the Group Mapping Settings. As the first step in upgrading to 7.x is upgrading your Pan...

Panorama Template.png
Group Mapping.png
Firewall Domain.png

AV version confusion

Hi all, I have a HA pair (A/P) of PA-500s and one of the devices seems to be giving mixed messages about the version of the AV definitions in use. This has been the case for a couple of weeks now. It is not causing problems as such, but it is not right either. If anybody can advise on how I can get our PA-500 to report correctly it would be ap...

pa-av-post1.png
pa-av-post2.png
pa-av-post3.png
DavePalo by L4 Transporter
  • 3964 Views
  • 2 replies
  • 0 Likes

Palo Alto Redundant interface

Hi Guys, i want to connect the Palo Alto in a cross connection to switches. In cisco there is something as Redundant interfaces (link http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/intrface.html#wp1046014) is something which like this feasible in PA firewall or something a solution for this scenario. As per m...

connectivity.jpg
NiteshS by L2 Linker
  • 8970 Views
  • 5 replies
  • 1 Likes

Facebook videos working again?

So I've set URL filtering to block on the "streaming-media" category which has successfully blocked Facebook videos for months. This week, the videos started working again and it seems it's because they're using a different CDN domain (or multiple ones) -- is it better to block by the App-ID "facebook-video" instead of URL filtering?

Problem upgrading GlobalProtect

Hi,I’ve some problem upgrading GlobalProtectNow I’ve 2.1.1 versionActivating a new version (I try with 2.2.2 and also with 2.3.1) automatic upgrade fail and I need to manually remove GlobalProtect and install new version again. I also tried to install 2.2.2 and then trying an automatic upgrade to 2.3.1 but it still fails This is the log (T688) 0...

diennea by L3 Networker
  • 3268 Views
  • 1 replies
  • 0 Likes

How to export a list of disabled security policies

Hey all; This is probably a question that's been asked before but I'm wondering if there is a way to export a list of all security policies currently disabled. I'd like to have a short list for review. I've only been able to find the CLI to show unused security policies, and from the Policies section I can list all "disabled eq yes" but no way...

cafowler by L2 Linker
  • 3434 Views
  • 1 replies
  • 0 Likes

Resolved! Application Subcategory Report

I want to know how to run a Report on all users who used a File-sharing App. If i use Traffic Log i dont see Application sub category as the Attribut choice.

parichie by L0 Member
  • 2804 Views
  • 1 replies
  • 0 Likes

Resolved! Public wildcard certificate for use with Captive Portal

Hi guys, I have a scenario whereby we have a publicly issued wildcard certificate for our organisation and I'm wanting to use this in conjunction with Captive Portal on the PA-500. I've set all policies up and configured Captive Portal to redirect to a Loopback interface on the firewall (through the use of a DNS name which resolves to the IP of ...

Any luck with 7.0.2 out in the field?

I am curious to see if anyone has upgraded to the newest 7.0.2. I tried 7.0.1 but had a few issues with a commit command to one of my firewalls. Still working on that but has anyone installed 7.0.2 and are you happy with it?

PAN-OS 5.0 CLI script to change TCP and UDP Timeout Values for Default Applications on device

I have a requirement to change the timeout values on all of the paloalto os preconfigured/default applications (2000+ applications). Using the web interface, it would require opening and configuring each individual application. Can anyone lend assistance by pointing me to a CLI script that can make easier work of this task. Greg

townesgs by L0 Member
  • 2267 Views
  • 1 replies
  • 0 Likes

Resolved! Management Interface

Hi, Is it a good idea to connect the mgmt interface directly to wan ? or should it only be accessible locally and via an access server for remote management ?

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks