General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 194 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 877 Views
  • 0 replies
  • 0 Likes

Problem with chained Cert

Hello

I made a CSR. Got my Cert and did the stuff mentioned in the "how to chained certificate", Copied the intermediate on top of my cert.

but the PA-500 did not accept it. okey i tried it without the intermediate cert text - and it worked. Request is

...

User_333 by L2 Linker
  • 1822 Views
  • 1 replies
  • 0 Likes

Resolved! Youtube safe mode

Hello all,

Yes its youtube again, for a while now youtube has been working fine since we turned on the safety-mode feature and forced students to select safe-mode.

But this week they have been complaining that not all the videos work.

I have looked at t

...

breezer by Not applicable
  • 2545 Views
  • 2 replies
  • 0 Likes

What do WRED drops and Policing drop on qos mean?

Hello

I have made qos configuration.

I have questions when am checking qos.

Look at the following command

show qos interface ethernet1/1 hw-counter

qid   name                 pass bytes       WRED drop   policing drop

------------------------------------

...

Resolved! Captive Portal using client certificates on iOS

Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices).  On the iOS device, when opening the Saf

...

jambulo by L4 Transporter
  • 4600 Views
  • 2 replies
  • 0 Likes

IPSEC VPN phase 1 renegotiation

Hello

I am facing packet drops whenever the phase 1 re-negotiates. The SA gets expired and deleted but it takes 20 minutes for it to start the P1 phase again. In that period the traffic times out until the P1 starts again after 20 minutes. Below are t

...

shyams by L0 Member
  • 2767 Views
  • 2 replies
  • 0 Likes

Resolved! URL Filtering and SSL sites

Hi all,

I have a question regarding URL filtering. I set up URL filtering in Security Profiles to "Continue" for Social Networking. I noticed that if i open the first site under social networking, i get the response page "to continue", after that if i

...

Wusu by L1 Bithead
  • 3538 Views
  • 3 replies
  • 1 Likes

Resolved! DNS resolving

I was wondering if there is a way to resolve domain names on a Palo Alto (except ping) and not using a DNS proxy object.

Kind regards,

Bob

bdeschut by L4 Transporter
  • 2486 Views
  • 1 replies
  • 0 Likes

Resolved! How QOS works

Hey

just trying to figure out and play with QOS for understading on how it works for ferther implementaion of QOS policy

so my environment is PA-500 with 2 interfaces in VWire

ethernet 1/11 - vsys3-untrust

ethernet 1/12 - vsys3-trust

have my computer conn

...

minow by L4 Transporter
  • 4971 Views
  • 1 replies
  • 0 Likes

Pre-Logon without Windows credentials

Hello,

I want to test the pre-logon feature of GlobalProtect in our environment.

Our clients are using two factor authentication (eToken) for the windows login. So they don't know their windows credentials.

We have already installed machine certificates

...

Hithead by L4 Transporter
  • 4429 Views
  • 6 replies
  • 0 Likes

Basic QoS Understanding

So, I'm trying to get a clear understanding of QoS on the PA's.  Any feedback / answers would be appreciated:

Maximum Egress - Straight forward - the maximum amount of traffic you are allowing out.

Guaranteed Egress - This one I'm foggy on.  Is it only

...

mrsold by Not applicable
  • 8456 Views
  • 6 replies
  • 0 Likes

Slow transferspeed over IPSec against ASA5510

One of our customer has a Cisco ASA 5510.

We have successfully created a IPSec tunnel and traffic flows both ways, but when trying to transfer a file, the speed caps at ~300KB/s, every 4-5 packets is dropped and the latency goes from ~3ms to 90ms.

Both

...

TJ by L1 Bithead
  • 8071 Views
  • 7 replies
  • 0 Likes

User ip mapping with only Global Protect

Hi all,

i have a question regarding user ip mapping when only using Global Protect to authenticate users.

Without enabling any user-id agent. Neither external on a server, neither on the firewall.

It works as Global Protect identifies the logged-on user

...

Resolved! Let me know how to block virus in SFTP

Hello~

As title see

I would like to block virus in SFTP

as far as I know SSH Proxy is same as SSL Proxy

so I installed Bitvise SSH Server(Personal Version) recently

I have confirmed be server normally

and than I configured similar as SSL way in Policy

Also

...

  • 24011 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels