This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Zone protection UDP flood tuning

So, UDP Flood protection on my untrusted zone kicked in for the first (and second) time last night. The end result was not passing traffic each time for about 5-10 minutes. I'm guessing that the CPU (2050) was just spinning its wheels the entire time. I'm just (blindly) using the default values:admin@PA-2050-1(active)> show zone-protection zo...

MCmgt by L2 Linker
  • 8226 Views
  • 4 replies
  • 0 Likes

Resolved! HA dedicated to Fiber

I'd like to move my HA connection from the dedicated ports to fiber ports, however I don't have the option do change the port. Am I able to do this? Do I have to disable the HA first? Lastly, will I be able to keep the remaining settings?If I am able to do this, is it advisable? I recall from training that running the HA over a network wasn't a ...

Global Protect SSO user id

I have a portal and 3 gateways setup working with LDAP and active directory. It is setup to use user-logon with Single Sign On. All this works without issue. What I am having issues with is I have my firewalls intergrated with LDAP and Active directory groups, I use these groups for policy rules. What I am seeing, is that the Global Protect u...

markk96 by L3 Networker
  • 6807 Views
  • 10 replies
  • 0 Likes

Resolved! PANOS 6 and PA2000 series

we have a really strange issue with PANOS 6 and PA2000 series. Sometimes, suddenly the PA doesn't react anymore. Serial, MGT and other Ports are not reacting. Strange thing, the Ports are blinking, but no traffic goes through. MGT Mort does only glow at the left LED. To get the PA running again, a hard restart (power off/on) is required. We are ...

Hithead by L4 Transporter
  • 7944 Views
  • 12 replies
  • 0 Likes

Resolved! PAN gets low score on NSS test

Are the 2014 NSS firewall tests valid? This year's results are quite different than the previous NSS results. Your thoughts?Palo Alto Networks unexpectedly gets low score on firewall test| Reuters"NSS Chief Executive Officer Vikram Phatak said that Palo Alto had issued two major revisions to its firewall operating system since the last test." "N...

hoehn by L1 Bithead
  • 3647 Views
  • 3 replies
  • 0 Likes

TRAPS is here

We are testing TRAPS in our Lab and are quite happy with the results so far. Anyone else ?

gafrol by L4 Transporter
  • 4336 Views
  • 5 replies
  • 0 Likes

How to publish IIS website with static external IP address

Hi,We have an ECommerce website that need to access our servers that are in our DMZ zone. These servers has IP 172.x.x.5, 172.x.x.6 and 172.x.x.8, these servers are configured in a cluster with IP 172.x.x.7. So incoming and outgoing communication is through the cluster IP address.I configured, if from any source wants to contact IP 194.x.x.187 i...

ZEBIT by L3 Networker
  • 5568 Views
  • 5 replies
  • 0 Likes

Dropbox Upload Block Rule not working

I've created a rule to allow only Dropbox downloads and not allow uploads. The rule doesn't appear to be working. Steps I've taken are below:Generated self-signed SSL certificateConfigured SSL decryption Rule for 'online-personal-storage' URL categoryCreated File-Blocking profile to block upload and allow downloadApplied File-blocking profile to...

Bocsa by L3 Networker
  • 7375 Views
  • 9 replies
  • 0 Likes

Resolved! Trigger throttling based on traffic?

I have heard of others, instead of blocking torrent traffic, allowing it. When it is detected it someone how throttles ALL traffic from that client until the torrent traffic is stopped.As best I can tell we do not have that option of available with the AP. Correct?Thanks,Bob

BobW by L4 Transporter
  • 5982 Views
  • 5 replies
  • 0 Likes

Connect client at boot time

OrThe Further Adventures of a Networking Neophyte PA-200Software Version: 6.0.1GlobalProtect Agent 2.0.4Now what I need, and desire, is to have client PCs, in an office remote from the data center, login to the domain controller -in- the data center. They would like this as transparent as possible, i.e. to present that domain at login via the s...

bdunbar by L3 Networker
  • 6396 Views
  • 9 replies
  • 0 Likes

Resolved! Authorization code issue

Hi,I’m facing problem when trying to activate licenses with the authorization code We have 2 PA NFR 3020, I succeed to activate licenses in the first one , in the second one it told me that the authorization code is already active ( knowing that paloalto send us the same auth for both)the screenshot below Regards,Sarah Hi,I’m facing problem wh...

atelcom by L3 Networker
  • 5704 Views
  • 4 replies
  • 0 Likes

Skype blocking

I have found in testing that with blocking, the application 'skype' and 'skype-probe' if the user is not logged in the policy will block the user from signing into skype, but if the user is already signed into skype and plugs in behind the palo policy, the traffic log shows skype being blocked, but the user is still able to IM. Am I missing som...

markk96 by L3 Networker
  • 8418 Views
  • 15 replies
  • 0 Likes

Resolved! A/P HA with more than 1 passive unit

Hi,We have a customer looking to extend their DR capability to a 2nd physical site (Site B).Currently they have 2 PAN 3050 firewalls in an A/P cluster at Site A. As the new site will be connected via fibre we will split the cluster across both sites.Site B will very much be a cold standby site with no production load under normal conditions. We ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks