General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Discussions

Thank You for Filling Out the LIVEcommunity Experience Survey!

If you've visited LIVEcommunity anytime recently, you've probably seen a pop-up asking for your feedback. We've deployed this survey since April 2020 for new and returning visitors alike as a way to gather feedback from our users. 

 

In the past six

...

survey-livecommunity.png
jforsythe by Community Team Member
  • 543 Views
  • 1 replies
  • 4 Likes

Blocking an application for all websites except one

I have an Application filter for Streaming Audio and have created a policy to block it. That's going well but I need to allow http-audio which falls under Streaming Audio for one specific site only.

I have created a URL Filtering security profile with

...

eugenep by L3 Networker
  • 4526 Views
  • 10 replies
  • 0 Likes

terminal Agent - session 0 "no need to handle"

hi all,

I've encauntered the issue with terminal agent mapping.

Everything is working fine for normal users using terminals but for local console Administrator it is pain in the a...

It seems that Terminal Agent is skipping this mapping (local console

...

pkonitz by L2 Linker
  • 1431 Views
  • 2 replies
  • 0 Likes

full url address

Hi,

When looking for url reports from custom reports , some of the url addresses come only with *.domain.com

is there a way to see full address of these url's.Especially google ?

panos by L6 Presenter
  • 2339 Views
  • 6 replies
  • 0 Likes

Resolved! Certificate chaining with Captive Portal

Hello,

We have a PA-3020 running PanOS 5.0.0 in L3 deployment. We have just one Private zone and one Public zone for the instance.

I have configured a Captive Portal policy on the Private zone gto ensure that all users that are not authenticated by Use

...

ldormond by L3 Networker
  • 5726 Views
  • 9 replies
  • 0 Likes

Resolved! Cannot log in after 5.0.5 upgrade

After upgrading from PAN-OS 5.0.4 to 5.0.5 and rebooting the primary 3020 of an HA pair, the logins we normally use tied to our Active Directory accounts are not working; they are giving us Invalid Logon messages.  These Invalid Logon messages occur

...

Resolved! Virtual IP

Hi

We have a scenario wherein we should create a virtual private IP in Palo Alto and that virtual IP will connect to a public IP. For example:

PA LAN IP: 192.168.1.1

PA PUBLIC IP: 9.9.9.9

Firewall Virtual IP: 192.168.1.254

Public IP: 1.2.3.4

Users will con

...

Resolved! Skype-probe rule catching other traffic

I have implemented the suggested Skype-Probe allow rule in order to block Skype.  I have noticed that this rule will also catch traffic that is of the Application type Incomple and Insufficient-data.  Just currious as to why it is ending up in this r

...

merrydc by L1 Bithead
  • 1503 Views
  • 2 replies
  • 0 Likes

Resolved! iPad App fails to connect

I have the global protect license and an active global protect subscription.  Windows Laptops, Mac Laptops, and Android devices (using the app) can connect and access network resources.  However I try with the iPad and it fails immediately.  I get "C

...

nthen by L3 Networker
  • 3236 Views
  • 6 replies
  • 0 Likes

Unable to get exchange logs

Hi,

I have a PA500 on PANOS 4.1.9

I'm doing some testing with Exchange, managing to get logs to identify iphones, ipads and android devices without a Captive Portal.

Installed USER-ID agent version 5.0.2-2 on a DC, done auto discovery, removed all DCs a

...

Resolved! Captive Portal Behavior

We have configured the captive portal for category 'Adult and Pornography' . Our question is, will the captive portal start every time or only when you are an unknown user? If the user is known (using Active Directory), is the user still being prompt

...

bbsoc by L2 Linker
  • 2034 Views
  • 4 replies
  • 0 Likes

What do 'SML VM Checks' and 'Detector Threats' do?

Hello

What do  'SML VM Checks' and 'Detector Threats' do in software pool?

These value was 1 when delayed to connect Web-Server.

Connection is normal when these value was high.

What do theses do? and what something do these influence FW?


Thanks

Resolved! Unblock an ip after the block-ip action

Is there a way other than waiting for the timeout to expire to remove an ip from the list of blocked ip's once it is blocked by a rule with an action of block-ip? I hope that makes sense .

Thanks,

Jim

jmayne by Not applicable
  • 2992 Views
  • 4 replies
  • 0 Likes

Report for CPU, Throughput, or Session

Hi,

PA can create report for Traffic, Threats, URL... very well.

However, I don't see any way to create report for CPU, Throughput, or Session in long time (about one week, or one month, whatever time),

Please let me know, can PA do that?

Note: Do not us

...

ThongPD by L1 Bithead
  • 1156 Views
  • 3 replies
  • 0 Likes

Active FTP Timeout Issue

Working with Active FTP, we are having problems with transferring files larger than 1.5GB because the control channel hits the idle session timeout for FTP (set at 1800 seconds).  Temporarily we have increased the timeout to 5400 seconds as a workaro

...

Top Solution Authors