General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! can we block sending web based email

Hi all,Is there a way to block only sending an email from web-based email portals(all or common of them, hotmail,gmail etc)so that users can read their email but cannot send any ?

PanIst by L3 Networker
  • 4047 Views
  • 3 replies
  • 0 Likes

Java version detection and blocking old version

Hi,With more and more vulnerabilities in Java, I would like to know if there is any way in PAN firewall to identify and blocked non latest Java traffic? The goal is to identify machines and inform owners to update their Java version. If not then block the Java traffic from that host.Thanks in advance.

Global Protect and split-tunnel, strange behavior from Facetime

We have set up Global Protect with split-tunnel for mobile clients (iPhone, Android). The goal is that ActiveSync is using the tunnel to reach internal servers, and all other traffic can go directly to the internet. GP is set up to distribute routes to two internal networks to the clients through the Access Route parameter in Gateway configura...

arnljot by L1 Bithead
  • 4487 Views
  • 5 replies
  • 0 Likes

Resolved! PANOS 6.1 Related Log Detail View Enhancements

Greetings all!I have updated several PAN firewalls to 6.1. Today, I noticed this entry on page 5 of the guide:Related Log Detail View Enhancements To make it easier to correlate log information from a session, you can now click through the related logs in the Detailed Log View without closing the window and switching views. You can switch betw...

SDorsey by L4 Transporter
  • 5326 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama for logging/reporting ONLY

If I want to use panorama for extended logging and reporting functionality only, are there any settings or configuration needs that I should be aware of? Should I disable the panorama objects and templates?

jclingan by L0 Member
  • 5741 Views
  • 4 replies
  • 0 Likes

Resolved! About Captive Certificate

Hi all,To make visitors not having ssl warning for Captive portal page;is there a way to do that without purchase a certificate ?(no way for importing cert to the clients)

PanIst by L3 Networker
  • 4038 Views
  • 4 replies
  • 0 Likes

configuration basique Accès Externe

Bonjour,Je suis tout nouveau avec palo alto.j'ai installer une machine virtuelle VM-100 avec le model OVF, sans licence car je souhaite tester celle-ci en LAB.Une fois celle-ci installée, je configure l'ip de management 10.0.0.252/24ensuite arrivée sur l'interface Web, comment et que faire exactement pour configuré ma carte WAN?les informations ...

Resolved! Captive portal and SSL inbound inspection

Hi Guys, We have some questions regarding to captive portal and SSL inbound inspection:Can captive portal be used with SSL inbound inspection to filter users based on their client certificate while still maintaining a mutually authenticated TLS session between client and the end server.Can the client certificate used in the mutually authenticate...

MelLi by L2 Linker
  • 4481 Views
  • 2 replies
  • 0 Likes

Remote access to serial console - how to do it?

HelloI know that we live in modern world, with smartphones dual ISP and HA and etc. but in some countries we have different reality I'm looking for solution how to connect to serial console of PA firewalls remotelly using PSTN line.The idea is to use phone line not any kind of internet access bacause internet access is broken or PA device is in...

_slv_ by L4 Transporter
  • 7941 Views
  • 5 replies
  • 0 Likes

Resolved! PBF and failover

Hello all,I had a question regarding PBF and how the failover works.I have Internet circuit A and Internet circuit B, each through a different ISP. All traffic and VPN tunnels go through circuit A. I create a PBF rule to route web-browsing and ssl traffic only (using application-default) through circuit B. It is my understanding that failover...

ClintL by L2 Linker
  • 4999 Views
  • 3 replies
  • 0 Likes

YIK YAK

Due to Cyber-bullying issues we have blocked access to Yik-Yak over our Campus Wi-Fi network. The application filter worked for a few weeks but after a recent update to the yik yak app the filter is no longer functioning. I have had to resort to blocking IP's which is becoming a hassle since they have spread their service all over AWS.Any idea w...

wmumper by Not applicable
  • 7226 Views
  • 7 replies
  • 0 Likes

Anyone using iOS 8 and Globlal Protect?

Ever since our users started upgrading the iPads to iOS 8, we have been noticing that the Global Protect VPN connection gets disconnected rather quickly.From my own experience, it looks like I get disconnected after a few minutes(judging by the Traffic Logs) but the VPN icon still shows on the iPad.This is causing trouble for our users because t...

jambulo by L4 Transporter
  • 3905 Views
  • 6 replies
  • 0 Likes

What is the Query Builder Syntax to filter on a range of Source Address IPs when creating custom report from URL Log?

How do I create one filter for a range of IP addresses without having to create a filter for each individual IP? Anything I try comes up as invalid filter syntax. I am trying to use the 'in' operator to define an IP range or VLAN (i.e. - none of 192.168.61.1-192.168.61.254, 192.168.61.0 or 192.168.61/24 are valid value for the filter). I cannot...

jmcnemar by L0 Member
  • 5998 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect client logging

Hello,The GlobalProtect version we are using is 2.0.4 (the free single gateway version in on demand mode), the firewall is on 5.0.8. The problem I am hearing about is that some people are having trouble connecting, the icon spins and is not able to connect. They are able to hit the web so the plumbing is working good enough for http traffic but ...

ldavie by L2 Linker
  • 5305 Views
  • 4 replies
  • 0 Likes

Resolved! PanOS 6.1.0 and Bash

I see what might be conflicting claims regarding Bash and its full remediation in 6.1.0. Here I see that 6.1.0 is still vulnerable to bash based on the claimsPalo Alto Networks Product Vulnerability - Security AdvisoriesHowever, here I see that at least CVE-2014-7169 is claimed to be remediated. I'm hoping that means CVE-2014-6271 is no longer...

  • 24395 Posts
  • 123 Subscriptions
Top Solution Authors
Labels