This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

SSL Decryption

Hello,We have quite a few students using hotspot shield and other tunneling apps to get around our filter. I've been successful in block a majority of them by blocking the hotspot shield app. However there are still a number of them getting though by creating tunnels on port 443. In this case we would want to do outbound ssl decryption correct? ...

cpkaiser by Not applicable
  • 4345 Views
  • 5 replies
  • 0 Likes

Resolved! Can not check Forward Trust Certificate

Hi All,My device is PANOS 6.0.5;I have a problem with Certificate configuration.On my device, I generate a Certificate follow How to Generate a CSR(Certificate Signing Request) and Import the Signed Certificate; After, my 3rd party CA issue complete, I import the issued certificate (crt file) successfully and status is "valid"I can check "Certif...

Certificate Bundle

Hi,I'm get error on commit: "Warning: cannot find complete cerficate chain for certificate Certificate_Bundle"I notice there are three bundles in the device certificates, but how do I know which bundle is being used?How to I test this without breaking it.....Thanks

asabadin by L1 Bithead
  • 5764 Views
  • 6 replies
  • 0 Likes

How to read SNMP Values from VPN-Tunnel-Interfaces?

Is it very easy to read SNNP Values from physical interfaces:Connect the SNMP Browser to the PASet the right Community password:PA shows you the interfaces - but only the physical IFs.How to read SNMP Values from VPN-Tunnel-Interfaces?RomanSee: Palo Alto Tunnel Interfaces | thwack

rkra by L2 Linker
  • 3138 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Client and Windows 8

PA-200Software version 6.01GP Agent 2.0.4I've installed GP client on perhaps a dozen workstations, and finally have one that will not authenticate. Help.Installed the machine certificate okay, installed the agent. Opened the app from the system tray, put in correct credentials, click 'Apply' and .. nothing happens.Where do I begin troubleshoot...

bdunbar by L3 Networker
  • 7106 Views
  • 6 replies
  • 0 Likes

HA failover when 1 port loses conectivity

Looking for ways to setup a PA5020 pair for HA that takes into account if the link to one interface goes down the system fail over. I have hear of possibilities of using a "HEARTBEAT" up the link to cause the failover when it fails.

Resolved! Captive Portal Authentication - External and Local Domains

Hello Everybody!Our Captive Portal is configured to authenticate according an "authentication sequence" LDAP based (LDAP-Local-Auth). We set 4 different AD servers from different Offices as per belowCaptive Portal can authenticate only for first 2 servers.... When users from AD-MEX try to authenticate they receive this pageAt monitor > system...

Software Update Issue

Last month I upgraded to 6.0.4 with no issues. I upgraded my primary, then upgraded the secondary five days later. Again, no problems.When I upgraded to 6.0.5 h3 (this past weekend), the PA would not pass traffic. I returned to 6.0.4 and traffic restored. I then tried 6.0.5 and had the same problem - no traffic.I followed the same procedures as...

Resolved! LACP support

Hi All,Is it planned on some road map to have support for LACP (Link Aggregation Control Protocol, 802.1ax) on PAN firewalls?Regards,Tician

Tician by L3 Networker
  • 4217 Views
  • 2 replies
  • 0 Likes

How to use dynamic block list?

Hi All,Kindly help me to understand this, How to use dynamic block list? how it will work? and where to use this ( in policy)?Regards,Gururaj

Gururaj by L4 Transporter
  • 5796 Views
  • 6 replies
  • 1 Likes

microsoft ntfs file sharing

hii have 2 zonesmy storage (storage is configured as cifs) is in one zoneusers in other zonei need to allow the users access to the storage using only standard Microsoft file sharinghow can i do that ?

Application Delivery Controller

Hi All,I know this may not be the correct place to discuss this however where I am I don't get the best response to feature requests.What I was wondering is there any chance PAN is looking to create a load balancer (ADC), as it is the one area of our networks that is missed by the PAN devices as any traffic they see is SSL passed through to our ...

bcsgroup by L2 Linker
  • 8639 Views
  • 6 replies
  • 1 Likes

Resolved! Url Filtering

I am trying to figure out url filtering. My company has me blocking web-based email url category. I have just been asked to allow certain users access to https://gmail.google.com so I created a custom url category and placed https://gmail.google.com in it and then created a rule with the source interface, the domain group and the destination ...

markk96 by L3 Networker
  • 4647 Views
  • 6 replies
  • 0 Likes

Resolved! multiple users same machine privileges crossed

currently have a customer using radius authentication on the wireless and user-id on the PA. The problem is when two different users use the same machine. Teacher logs in and gets a policy applied to the session going through the firewall and she logs out and a student logs in to the same machine, that student has the same privileges through the...

Zone protection UDP flood tuning

So, UDP Flood protection on my untrusted zone kicked in for the first (and second) time last night. The end result was not passing traffic each time for about 5-10 minutes. I'm guessing that the CPU (2050) was just spinning its wheels the entire time. I'm just (blindly) using the default values:admin@PA-2050-1(active)> show zone-protection zo...

MCmgt by L2 Linker
  • 8224 Views
  • 4 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks