This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 446 Views
  • 0 replies
  • 2 Likes

Basic GlobalProtect Walkthrough

Hello,

New customer here, currently working my way though configuring the various parts of the firewall...

At the moment, I'm working on User VPN, and I'm finding it difficult to find clear step-by-step documentation. I did manage to make an SSL vpn co

...

Skype manager custom application

Hello,

I'm actually blocking skype application but I would like to allow skype manager web site (https://manager.skype.com/).

The web site manager.skype.com is blocked because recognized as skype application.

The idea is to build a application that allo

...

Dropbox uploading

For dropbox on the web.  I need to block uploading, this works with chrome, ie.  but with firefox if i create a File-Blocking policy with the following. Firefox will not stop the dropbox upload.  IE and Chrome will.

Any application upload block

applic

...

markk96 by L3 Networker
  • 2534 Views
  • 4 replies
  • 0 Likes

Terminal Server Agent

Is there anyway to import a list of Terminal Server Agents installed to the firewall?

I have about 250 Terminal servers.

markk96 by L3 Networker
  • 3546 Views
  • 4 replies
  • 0 Likes

Resolved! CLI listing of all Security Policies

We are trying to reduce our unused Security Policies.  We created a custom report to show Security policies run in the past 30 days.

I would like a listing of all Security Policies and then remove the Policies that have not been run in 30 days.  I am

...

Jshively1 by Not applicable
  • 7668 Views
  • 5 replies
  • 0 Likes

PAN failover causes Cisco issues

Hi Guys,

Has anyone seen the PAN causing an issue with Cisco ASAs when doing a failover? I don't have much details yet but wanted to see if anyone has seen this or something similar.

Thank you in advance.


x by L1 Bithead
  • 4589 Views
  • 7 replies
  • 0 Likes

security policies: application vs service

how are application and service treated in a given policy?

multiple apps in a policy?

multiple services in a policy?

apps and services in a policy?

how are the different scenarios and'ed or or'ed?

Thanks

David

Resolved! Is it possible that traffics go on each other sub-interfaces with same physical interface?

Hello.

I want to make the following network-diagram. Is it possible?

A Cisco Nexus              Paloalto

VRF-1 ----------------------> eth1/1.1 | 1.1.1.1 | VR : default | trust

                 tag 10                                |

                     

...

Can I make custom application from MIME type?

Hello,

I want to make custom application(or vulnerability) from MIME type.

EXE of MIME Type is 'application/x-msdownload'

So I made two customer applications as the following patterns.

1. application/x\-msdownload

2. \x61 70 70 6c 69 63 61 74 69 6f 6e 2f

...

Resolved! SSL Ciphers

Does anyone have the ciphers list to configure on ISS and Apache that will fully support decryption? We're running PAN-OS 6.0.

mharding by L4 Transporter
  • 4756 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Gateway on Different IP address

Let's say we  have an external facing interface  Ethernet1/3  with  Ip address of 1.1.1.14/28.   The upstream isp router is 1.1.1.1 all other addresses (1.1.1.2-1.1.1.14) are routed to the Palo Alto and in use for various web services, etc..

Per the d

...

travisj by L2 Linker
  • 5090 Views
  • 4 replies
  • 0 Likes

Resolved! VPN port and default port the same?

Hallo all,

i have only one phyical ethernet interface on firewall which is facing the internet. I also want to make this PA firewall as an IPSEC Tunnel endpoint. So all my internal traffic uses this ethernet interface to go to internet. And VPN traffi

...

Basic noobie question.

I am looking to what I would call port address translation, but am unfamiliar with how to do it on the PA. Basically I need a public IP to route SNMP traffic to one inside address, and syslog traffic to another inside address. This will also only app

...

mcocat by Not applicable
  • 3096 Views
  • 6 replies
  • 0 Likes
  • 23703 Posts
  • 110 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks