This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4141 Views
  • 0 replies
  • 0 Likes

User Identification using Windows NPS?

Is it possible to have the user ID agaent look at NPS events to determin a user is authenticated? I am trying to find a way to ID users on a wireless network without using captive portal. My users are all Active Directory users and the devices they would connect with are BYOD. I was hoping that we could have them connect to the WLAN using aut...

mgonzalez by Not applicable
  • 6157 Views
  • 4 replies
  • 0 Likes

malware??

Dumb question perhaps, but why is www.googletagservices.com/tag/js/gpt.js being flagged as a malicious URL? It doesn't come up that way in PA's URL filtering site.It's created a considerable jump in my botnet list.Thanks in advance...//moe

Wildfire Signature Based Blocks

Hopefully a quick question - is there any way to determine whether a executable has been blocked because it was a Wildfire derived signature (for paying customers). It may be obvious when it happens, but hard to know if it has etc.Would like to be able to correlate the protection afforded by the service by providing a discrete count of executab...

apackard by L4 Transporter
  • 5732 Views
  • 6 replies
  • 0 Likes

Site-2-Site IPSEC Tunnel won't come online

i have three offices:office 1: US - northeast 1.1.1.1 PAN-500HAOffice 2: US - southeast 2.2.2.2 PAN-3020HA HQ siteOffice 3: Shanghai China 3.3.3.3 PAN-200all three IPSEC tunnels were up and running. My Office 3 moved locations and when they did that we obtained a new static IP from the executive office we moved into. We updated the fire...

Resolved! Manage policies using CLI from a computer

Hi,We need to programmatically toggle our PA500's GUI setting "Policies / Captive Portal / My_CP_Policy / Action" between "no-captive-portal" and "web-form" from a windows server.I assume that this is possible using CLI remotely, but where can I find documentation how to setup everything for a task like this?Thanks a lot for help on thisregards...

Using Netflow v9 in a Active/Active cluster

I configured a Netflow profile and associated it with a "Untrust" Interface on my active Machine in my setup.I was surprised seeing that the second Active machine got this assotiation too. So I accume both machines are sending to the same receiver and to the same port.I'm new to Netflow and my question is: How does the receiver distinguish which...

rkra by L2 Linker
  • 1879 Views
  • 1 replies
  • 0 Likes

Terminal services agent issue with traffic dropping

Hi,We currently let our TSA connect to our management interface. This is however causing problems in that in about 30 mins all traffic is dropped on the management interface. The GUI and CLI and such are time-outed then. To resolve this we need to remove the TSA on the PA and the interface works fine again.Support recommends to provision an dedi...

Resolved! Pre-Logon Global Protect

Got the pre-logon function working ok. The problem i have is that it doesn't seem to start quick enough to process login scripts etc.For example when I log onto my network LAN using the laptop the drives are mapped and i get a pop up announcement message - all standard stuff.When I then take the laptop off the LAN and connect it to the internet ...

djrodb by L3 Networker
  • 9277 Views
  • 3 replies
  • 0 Likes

Grouping Countries

Hello,I've been asked to block certain countries...- All of Europe except Spain- All of Asia (except Japan, Australia, Korea, Singapore, Taiwan)- All of AfricaI figured I could add those countries to a "Denied Countries" group to use in a security policy but I don't see the countries listed when I try to create my address group... they only exis...

dwoolley by L1 Bithead
  • 4736 Views
  • 4 replies
  • 0 Likes

Resolved! Public IP Behind PaloAlto

We have a /24 public IP network where some of the IPs will not NAT and some will NAT. For the scenario were there will be no NAT, the host behind the PaloAlto will have a public IP assigned to the NIC. Under what scenario would I break up the /24 into smaller subnets or leave the subnet as a large /24. This is for a pa-500 in Layer 3 configur...

Resolved! Is it possible to create reports or graphs displaying type and amount of transported data, sources and dests?

Where to start with this topic:I can monitor the bandwith with SNMP and PRTG Network Monitor.Now I'm interested in data >>>PA can provide <<< about types of data, sources and destinations?I would like to check e.g. this:How much VoIP is running through the PA?Who is downloading most data at the moment.a.s.o.I know there is sflo...

rkra by L2 Linker
  • 4186 Views
  • 5 replies
  • 0 Likes

is it possible to forward clients with paloalto for websense ?

Hi all,There is a topology like below.Clients using Cisco vpn and they are enforced to use some proxies(enforced from Active Directory)There is a Local Websense but it cannot be used because of that enforcement.Can Paloalto firewall decrypt that SSL traffic and make websense available to use ?is that possible ?Cisco Any Connect Client-----------...

Resolved! Failure to Delete a Certificate

PA-200PAN 6.01I imported a certificate, but failed to do something correctly. I wanted to delete the cert, and start over. When I select the certificate 'ServicesVPN' and click Delete I'm told ... 1- Failed to delete Certificate - ServicesVPN. ° ServicesVPN cannot be deleted because of references from: ° deviceconfig -> system -> sy...

bdunbar by L3 Networker
  • 10077 Views
  • 12 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks