General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

On-demand ipsec tunnels?

Is it possible in the PAN to do on-demand vpn tunnels? This is used quite a bit in the Cisco world.. especially for vendors.

They often are setup so the tunnel is configured but when the vendor needs to connect for support, the end-user needs to conn

...

SDorsey by L4 Transporter
  • 4372 Views
  • 7 replies
  • 0 Likes

Route Cache

Hi,

We implemented PA3050 as internal firewall. We configured it as L3 and caters up to 200+ static routes. When we try to remove a single route in virtual router and commit, approximately 20 minutes before it takes effect. Is this normal in Palo Alto

...

PAN OS and TACACS+

Hi There,

Is it possible to tie together a PANOS and TACACS+ for authorization of commands? If not, how it possible to restrict access for some cisco network equipment? Any ideas?

Oleksandr by L3 Networker
  • 2931 Views
  • 6 replies
  • 0 Likes

QoS based on DSCP marking

We have Mitel IP phone systems deployed across multiple IPsec VPN sites

The voice packets are marked EF (DSCP 46) and signalling packets are marked AF31 (DSCP 26) automatically by the IP phones and PBX.

Under QoS policies, there doesn't seem to be a wa

...

yikching by L0 Member
  • 2389 Views
  • 2 replies
  • 0 Likes

Resolved! Alerts

I have my Palo Alto setup to send emails out on critical alerts.  If someone tries attacking an outside IP I will get 60 alerts sometimes all in a row.  Is there anyway to get the email alert just once that the outside IP was hit 60 times as opposed

...

aguley by Not applicable
  • 2544 Views
  • 3 replies
  • 0 Likes

Resolved! Backup Configuration of a PA-200

We had a near miss on our PA-200.  Got it recovered (thanks, support team!) by reseting to factory default and restoring the configuration, but it would have been a lot quicker if we'd had a current configuration to restore from, instead of having to

...

bdunbar by L3 Networker
  • 6234 Views
  • 7 replies
  • 0 Likes

Resolved! can we block sending web based email

Hi all,

Is there a way to block only sending an email from web-based email portals(all or common of them, hotmail,gmail etc)

so that users can read their email but cannot send any ?

PanIst by L3 Networker
  • 2824 Views
  • 3 replies
  • 0 Likes

Java version detection and blocking old version

Hi,

With more and more vulnerabilities in Java, I would like to know if there is any way in PAN firewall to identify and blocked non latest Java traffic? The goal is to identify machines and inform owners to update their Java version. If not then bloc

...

Resolved! PANOS 6.1 Related Log Detail View Enhancements

Greetings all!

I have updated several PAN firewalls to 6.1. Today, I noticed this entry on page 5 of the guide:

Related Log Detail View Enhancements

To make it easier to correlate log information from a session, you can now click through

the related l

...

SDorsey by L4 Transporter
  • 4188 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama for logging/reporting ONLY

If I want to use panorama for extended logging and reporting functionality only, are there any settings or configuration needs that I should be aware of? Should I disable the panorama objects and templates?

jclingan by L0 Member
  • 4001 Views
  • 4 replies
  • 0 Likes

Resolved! About Captive Certificate

Hi all,

To make visitors not having ssl warning for Captive portal page;

is there a way to do that without purchase a certificate ?(no way for importing cert to the clients)

PanIst by L3 Networker
  • 2722 Views
  • 4 replies
  • 0 Likes

configuration basique Accès Externe

Bonjour,

Je suis tout nouveau avec palo alto.

j'ai installer une machine virtuelle VM-100 avec le model OVF, sans licence car je souhaite tester celle-ci en LAB.

Une fois celle-ci installée, je configure l'ip de management 10.0.0.252/24

ensuite arrivée s

...

Resolved! Captive portal and SSL inbound inspection

Hi Guys,

We have some questions regarding to captive portal and SSL inbound inspection:

Can captive portal be used with SSL inbound inspection to filter users based on their client certificate while still maintaining a mutually authenticated TLS sessi

...

MelLi by L2 Linker
  • 3429 Views
  • 2 replies
  • 0 Likes

Remote access to serial console - how to do it?

Hello

I know that we live in modern world, with smartphones dual ISP and HA and etc. but in some countries we have different reality

I'm looking for solution how to connect to serial console of PA  firewalls remotelly using PSTN line.

The idea is to us

...

_slv_ by L4 Transporter
  • 4603 Views
  • 5 replies
  • 0 Likes
  • 24130 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels