This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 487 Views
  • 0 replies
  • 0 Likes

Having trouble granting access for an application

Hi!

One of our customers have RDP access to a server, works like a charm.

And now I was about to grant access to an application using port 4850 and 4851, but it would seem that this wouldn't be that simple.

I've attached the NAT of the working RDP, and

...

Resolved! vsys and subinterfaces

Hi

I have an aggregate interface with a subinterface assigned to vsys1. Is it possible for another subinterface of the same aggregate to be assigned to a different vsys?

i.e.

ae1.10 (vlan tag 10), layer 3 type, assigned to vsys1

ae1.20 (vlan tab 20), lay

...

SteveMc by L1 Bithead
  • 5779 Views
  • 2 replies
  • 0 Likes

Resolved! Query job expired when exporting logs to CSV in Panorama

Hi,

I am trying to export URL logs from Panorama to a csv. file, using the Gui, but after a while of Panorama trying to export them, I get the error: Query job expired.

I am trying to export all the URL logs for a user, and there are quite a lot of the

...

MMCiobanu by L3 Networker
  • 3200 Views
  • 2 replies
  • 0 Likes

AD Authentication Problem with Secondary Firewall

HI friends..


I am having two Palo Alto Network ( PAN-PA-3020 ) firewall installed in HA  mode (Active-Passive) .

  My problem is when ever my Primary FW goes down or change to passive and Secondary become Active, My Active directory authentication  bec

...

Satish by L4 Transporter
  • 5446 Views
  • 14 replies
  • 0 Likes

Problems with SSL-Decryption

Hi,

since a few days, we have more and more websites, which we are unable to login. After further investigation i'm sure there's something wrong with SSL-decryption, if I exclude the IP from encryption the sites work. But formerly the problem doesn't

...

ITSama by L2 Linker
  • 3951 Views
  • 5 replies
  • 0 Likes

captive portal issue

Hi All,

We configured captive portal-redirect with local db

when unknown users(who are not in AD,belongs to local db) redirected and web form is authenticated.

But the problem is they can't browse internet. Browser shows" page not loaded" to those user

...

Javith by L3 Networker
  • 2665 Views
  • 3 replies
  • 0 Likes

Resolved! Domain Administrator no Authentication??

Has anybody an idea, why the Active-Directory authentication works from every location in our company with every domain-user, but if I use the Domain-Administrator-Account I always forced to use the login credentials with Captive-Portal??

ITSama by L2 Linker
  • 5211 Views
  • 6 replies
  • 0 Likes

Resolved! Trusting QOS markings

will the PAN-OS automatically trust markings applied by other systems on the network or do I need to make a policy in addition to the policy on the rest of the network?

kkeeton by L2 Linker
  • 10252 Views
  • 10 replies
  • 0 Likes

email notification

Is it possible to set up a notification by email to let you know when one and only one vpn tunnel goes down? I also want to be able to turn it off once I am done troubleshooting

infotech by L4 Transporter
  • 4134 Views
  • 8 replies
  • 0 Likes

Allow Spotify authentication, but not streaming

It there a way to allow Spotify to authenticate, but disallow streaming (both from web and apps?)

As-is there are only one AppID for Spotify, and this blocks everything.

Users having the app in offline mode has go go online every 30 day to regain new 3

...

Start VPN from C# or script

Hello!

Is there a way to instruct the Windows GlobalProtect Agent 2.0.3-5 (that ist completely configured for the current Windows User) to Start the VPN from C# (or from within a script)?

Thanks for any Ideas,

Jürgen.

Firewall he is covering under some vulnerability

Hi friends,

Need suggestion

Actually when auditor running Vulnerability scaner tool then on Firewall he is covering under some vulnerability

> Upgrade to the latest version of OpenSSL

>  Use a strong key

>  Disable SSL support for weak ciphers

So for the

...

Satish by L4 Transporter
  • 2136 Views
  • 3 replies
  • 0 Likes

DSCP marking over ipsec VPN

Hello,

I inherited a network with 4 sites connected together via 3 PA-500's and a PA-2020. We have implemented Lync for VOIP and I'm having issues getting packets to retain their tags across the VPN (internal to the tunnel is all I want) I can't seem

...

traty by Not applicable
  • 5499 Views
  • 4 replies
  • 0 Likes
  • 23878 Posts
  • 113 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks