This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Apply policy on a vwire interface in passtrough mode

I want to apply a policy on my vwire interface but i have this error: Operation Commit Result Failed DetailsIn VSYS vsys1 from zone VW-MPLS-Trust of type vwire and to zone UNTRUST of type layer3 are incompatible in security rule Application block Configuration is invalid Is it possible to know how to apply a policy to this interface, if ...

dsevigny by Not applicable
  • 2934 Views
  • 2 replies
  • 0 Likes

Disable Inspection for Sip ?

In the ASA you can disable SIP Policy Inspection. In the Junipers I think you disable the ALG. How do I do this in the Palo Alto ?Firewalls often try to apply rules around the way protocols work which can cause them to break. I dont want SIP to be inspected or held against some EEE Group Standard. This might be breaking some video conference tra...

jhickey by L3 Networker
  • 12722 Views
  • 6 replies
  • 0 Likes

Good Technology Issue

Currently, we are experiencing an issue with a product called Good Dynamics version 1.4.31.5. The vendor "Good Technology" is stating that the Palo Alto firewalls are causing an issue with some sort of SSL heartbeat connection. Is there an know issue with this software work through the PA architecture? Any help would be appreciated.Randy

Westar by L0 Member
  • 1921 Views
  • 1 replies
  • 0 Likes

machine authentication

hello!we have a need to identify user machines associated with a domain. specifically, we want to create security policies based upon domain membership. is that even possible, and how would we achieve this functionality?thnx!

Resolved! SSL Decryption Whitelisting

So, I have just implemented SSL Decryption in our environment and we hit a website that appears to not work properly because of it. (It's sap.com, click on the login link in the upper right.) We don't see any errors in the firewall but the login prompt doesn't come up for us.The question is, is there any way for me to whitelist *.sap.com from SS...

Eval question

Given a flow and properly written policy to allow Facebook and its myriad apps/widgets on port 80/443, other than the admin management overhead (i.e., having to open ports 80 and 443), how is what Palo Alto does different from what Checkpoint does?This question addresses the quote below (found on the link shown).http://researchcenter.paloaltonet...

derasa by L0 Member
  • 2130 Views
  • 1 replies
  • 0 Likes

Counter to identify if device is dropping traffic

Hi Everyone,I am looking for help to identify the best way to see if my firewall is dropping traffic because it cannot keep up with the amount of traffic going through the interface. I want to make sure my firewall can keep up with the amount of traffic going through it. Also, I am looking for any other ways to determine if my firewall is not ...

What is the default syslog format in PanOS 5.x?

For all the various log types (config, system, threat, traffic, HIP) what is the default syslog format?All the fields are available to edit in when creating a custom log, but it would be useful to have the default format defined for reference.

bds by L0 Member
  • 2785 Views
  • 1 replies
  • 0 Likes

external captive portal

I'm thinking about trying something a little out of the square with user-id and captive portal. Let me start with the context and business goal:The PAN is deployed as a data centre firewall.I'd like to use some policies that permit clients access to an application only if the user is known.I'd like to use some policies that permit clients access...

Global Protect 2-factor Auth & User-ID Mapping

Hi All,I'm migrating from ASA to Palo Alto including user VPN access (AnyConnect). The setup will be 2 factor authentication with LDAP/Kerberos (not sure which yet) for the portal and OTP via RADIUS for the gateway.The current setup allows access lists to be applied via the vpn policy to each authenticated user group limiting their access to in...

Resolved! Deepnet 2-factor Authentication

Hi Everyone,I have a client that is migrating to Palo Alto firewalls. I'll be implementing Global Protect SSL VPN replacing the existing Cisco Anyconnect.The client utilizes DeepNet 2-factor authentication for SSL VPN. I was wondering if anyone had any experience implementing RADIUS authentication with DeepNet?Do VSAs need to be setup on the D...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks