This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

No traffic in traffic log - VM100

Hi Guys,Following on from my last post - Site-to-Site VPN - Palo alto to Cisco Router issue i am experiencing an issue with my PA VM100, there is nothing in the traffic logs....this is running on VMWare workstation 11But there is traffic flowing through the firewall 100%, it is functioning perfectly, with the exception of the lack of traffic log...

how to handle Google SSL traffic?

Hello,I am new to PanOS devices, we recently got PA-200 router which is quite different from classic routers. Long story short - my problem is SSL traffic, I am trying to prioritize our traffic since for now we have only 10Mbit link, we have people working remotely over VPN, we have our own VoIP gateway in office, and there are people who are ac...

Nils by L0 Member
  • 4136 Views
  • 3 replies
  • 1 Likes

Captive Portal to Internal Servers

I have a client that currently uses an ISA server to restrict access to back-end web servers. The users authenticate at the ISA which then redirects to the back end web server.Palo Alto firewalls were sold as replacing this authentication mechanism using Captive Portal. Is this a possible use? I've only seen examples of Captive Portal for out...

QoS maximum number of interfaces???

I have a PA-3050 and I need to add more QoS interfaces...I receive a message that says "constraints failed: Maximum number of interfaces reached". I can't find any documentation that states there is a max. number of QoS interfaces...where is it? If this really is a maximum, is it just a licensing issue?

mike_cc by Not applicable
  • 4195 Views
  • 3 replies
  • 0 Likes

Resolved! How to setup multiple IP Public address on PA-200

Hi,We're facing an architecture where there are multiple address that needs to be used for a specific pool of IP from the LAN interface.Let's supose that we have 3 IP PUBLIC address 10.X.X.2; 10.X.X.3 and 10.X.X.4 and the gateway has the IP 10.X.X.1From the LAN interface we might expect to get a range of IP Pool addresses192.168.1.X to 192.168.1...

Resolved! No information showing up in Monitor->Logs->Traffic

Dealing with my first experience with Palo Alto Firewalls. I am working with the vmware appliance version. I have two rules/policies current configured. One allows all traffic outbound and the other allows only ms-rdp traffic inbound. This is a lab situation until I feel comfortable with deploying in a production situation. I have one host b...

RNutter by Not applicable
  • 3721 Views
  • 2 replies
  • 1 Likes

Resolved! Subinterface

Hello I have a PA500 firmware version 6.0.7. All interfaces are used, can I create a subinterface? I need to make a new segment. What is recommended to do that I need?Thank you

Antivirus Security Profile Exception

I want to create an exception action for a specific antivirus ID (which happens to be outbound traffic). The default action is “alert” and I want this one ID to be “drop”. This is possible for the spyware and vulnerability profiles, but my problem is that it looks like the antivirus security profile exceptions are ONLY “allow”. How can I configu...

JohnPa by L1 Bithead
  • 2502 Views
  • 2 replies
  • 0 Likes

Resolved! Server Certificate Verification Failed

Within the past couple of days I am starting to get reports from users that while trying to sign in with GlobalProtect they are receiving the following error:Gateway X.X.X.X: Server certificate verification failedNo changes have been made on the PA. Any suggestions for places to start looking?

mcocat by Not applicable
  • 9689 Views
  • 1 replies
  • 0 Likes

Resolved! Wildfire Double Ring - Perimetral Network External / Internal

Hello, :smileyinfo:We have a double ring structure and we are trying to implement the most appropriate settings for the Wildfire, according to the scenario that we have.-A Cluster 2 firewalls External *OUT* Model PA-500 WildFire Version 52587-59292 (02/02/15)-A Cluster 2 firewalls Internal *IN Model PA-2050 WildFire Version 52588-59293 (02/...

SOC_CSG by L4 Transporter
  • 2962 Views
  • 2 replies
  • 0 Likes

block tor

Hi,please tell me, how can i block tor in pa device,i create a rule with tor and tor2web , i set action to block but it is still runnning , it block skype tooIS that normalthank's in advanceRegards,

atelcom by L3 Networker
  • 6236 Views
  • 6 replies
  • 0 Likes

RIP over VPN tunnel

Will RIP run over a VPN tunnel? I have a site to site to site VPN tunnel set up and an IP address set on my tunnel interface. I can ping the remote tunnel interface but I do not see the remote tunnel interface as a peer under RIP.

source user showing as unknown in traffic monitor

Found an issue on a customer's firewall. For some reason, the “source user” becomes unknown while students are using a web application called Istation. When that happens, the web traffic for that IP address becomes blocked by another policy. She wrote a specific policy for Istation traffic even if the user is unknown to resolve this issue. ...

GlobalProtect Client - connection establishment speed

Hi there,we're experiencing a not-really fast connection establishment from the GlobalProtect client; with client cert and user credentials for authentication.When the computer has been restarted it can take up to 25 seconds. A re-connect later takes approx. 10 seconds.Currenty we're using the CheckPoint Client for VPN (credentials only), and th...

  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks