This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

GlobalProtect Pre-Logon with Windows 8.1

I have been testing out a new GP portal/gateway on my firewalls for Pre-Logon/Always On as I would like to eventually like to move all remote workstations to this model. With that said, I notice when I enabled the pre-logon and SSO a new icon shows up on the logon screen which is confusing my users. Some click on it when logging in and others ...

nthen by L3 Networker
  • 4328 Views
  • 3 replies
  • 0 Likes

Resolved! Monitoring Accessed URL's

Hi Everyone,We have the URL filtering license, I am trying to log all websites that a user access, however, I noticed PA only logs websites which the user fails to access due to a URL filtering policy, ie only websites that are blocked from the user because they fall under a blocked category.Is there a way to log user access to all URL's.Thanks

rsaber by L1 Bithead
  • 6165 Views
  • 3 replies
  • 0 Likes

Resolved! Destination NAT of ESP and GRE

Hi all,I'm hoping somebody might be able to help with this unusual scenario please?I have been tasked with replacing an old linux based firewall with a PA-500 device.Initially the configuration of the PA-500 should just replicate what the current firewall is doing before we start phasing in the additional security capabilities of the Palo.The on...

DavePalo by L4 Transporter
  • 7563 Views
  • 3 replies
  • 0 Likes

Set time in report email scheduler

Hi,I think it´s a problem that we are not allowed to decide the time a report should be sent. According to support it´s automatically set at 2:am to releive the box of this burden during normal office hours. How Plao Alto knows every customer and their working hours is a mystery to me. And when trying to troubleshoot report delivery this becomes...

mgusta by L2 Linker
  • 2925 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect 2.3.1 and Windows 10 support

HelloI try to check it in pdf https://downloads.paloaltonetworks.com/software/GlobalProtect-Agent-2.3.1-RN.pdf?__gda__=1438918935_ba8887ff43fdf2364df6…but there isn't such information Could someone tell me that Windows 10 is supported ?If this info is nessesary I'm on 6.1.4 and GP 2.3.0.RegardsSlawek

_slv_ by L4 Transporter
  • 4645 Views
  • 2 replies
  • 0 Likes

What is the best PANOS version to PA 5020 & 5050 Plantforms

Hello Community,I have 37 PA Firewalls.9: 5020 Current version PANOS 6.1.428: 5050 Current Version PANOS 6.0.4 Reading the security advisories the 5050 devises must be with PANOS 6.0.8 and the 5020 with PANOS 6.1.4. But I would like to know, which PANOS version might to upgrade these devices without affect the running configuration?I apprec...

Apadilla by L3 Networker
  • 4158 Views
  • 3 replies
  • 0 Likes

Resolved! Automated Correlation Engine - Will it look at log entries from before the upgrade to PAN-OS 7?

I have logs going to Panorama from Firewalls running PAN-OS 6.1.5, I recently upgraded Panorama from 6.1.5 to 7.0.1. Does anyone know if it will look at the old log events in the correlation engine or if it will only look at new ones coming in?Any way to test and confirm that the automated correlation engine is working?

bgirdner by L2 Linker
  • 4364 Views
  • 1 replies
  • 0 Likes

User-ID ignore multiple users - agentless or agent

Hi,I've got an installation with approx 70k+ users, where user-id is an important factor. I want to ignore all user with prefix adm or svc in the user name(admin and service accounts) from user-id, to avoid getting unwanted ip-user-mappings. I have the option to both use agentless and agent on windows server. There are so many admin and service ...

torm by L4 Transporter
  • 5939 Views
  • 3 replies
  • 0 Likes

Block File inf_pu_toolkit_v2.swf

Hi,Two of our users have visited a site and downloaded the file inf_pu_toolkit_v2.swf. The file was submitted to wildfire, but I want it to be blocked from being download again. Where do I go about doing that?

Akamai Technologies?

It seems nearly every time I need to determine the URLs that are using what seems to be excessive bandwidth, this one comes up the most. Akamai Technologies. I understand they are a CDN, but if most services rely on their services and that is as far as we can go to determine the source, this really kills any advantage of the PA; or at least the ...

jharlow by L3 Networker
  • 7905 Views
  • 3 replies
  • 0 Likes

Resolved! interface and subinterface configuration for untagged VLAN 1

I have a switch that is allowing all VLAN 1, 44, and 120. I have the following configured:on the physical interface I am using 192.168.0.1/24 which is VLAN 1created two sub interfaces for each VLANsubinterface .44 tagged 44 IP address 172.20.44.1/23sub interface .120 tagged 120 IP address 172.20.120.1/24Is this the correct configuration?

Ipsec VPN issue with checkpoint

Hi Friends,We have an IPsec VPN tunnel configured with CheckPoint firewall. Basically, when our Phase 1 expires after 24 hours, if a Phase 2 key is still within its 1 hour lifetime, we receive no response back. Only after the Phase 2 key expires and a new Phase 1 SA is negotiated that we can pass traffic. This happens every day, ...

Satish by L4 Transporter
  • 11623 Views
  • 4 replies
  • 0 Likes

Resolved! Static user-id to IP-address mapping

Hi All,Is there a way in PanOS 6.1.x to manually map a user-id to an ip-address.Or is there a way to set an IP-address to be exempt from the user-id mapping policy.I have PA-500s being staged behind a generic firewall inside a production network with a PA-3000 on the perimeter. The PA-500s NAT their external connections via the generic firewall...

Resolved! High Availability VWire

I am setting up a HA pair of 5060s in vwire mode between two Cisco ASA's and the internal switch. the ASAs are set up has HA.What is the best way to set up the 5060s in HA to ensure they notice when the ASA fails. I do not want a scenario where the ASA fails but the Palo does not. Then the secondary ASA will be active forwarding traffic to the s...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks