This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

QoS Bandwidth Per User

I would like to be able to limit our users to a certain amount of bandwidth at a time. I know I can do this for individual IPs, however is there a way with QoS to basically say, don't allow each individual IP on the network any more than 25Mbps or something along those lines?As it is now, I am having to setup DHCP reservations when I find a stu...

Resolved! Is it possible to have Global Protect start on Windows and Mac automatically?

Is it possible to have Global Protect start on Windows and Mac automatically when logging in? On a Mac I have added the Global Protect (GP) application to 'Login Items' (System Preference -> Users & Groups --> Login Items). GP starts automatically when logging in, however I am getting an error message saying 'Detected another instance ...

bbsoc by L2 Linker
  • 5897 Views
  • 4 replies
  • 0 Likes

Do Management Port, Console Port use MP?

Hello~PA Devices'plane divide MP, DPMGT, Console Port, Dedicate HA1, and usb port connect to MPand than the others port connect to DPIf RJ45 or SFP can be given mgt function or HA1 backup portDoesn't that use dp resource?If MP is worried Can HA1 Port keep communication between each device?

Treating & Blocking "incomplete" TCP traffic like a Brute Force?

Short question - can it be done?Now, I know what "incomplete" entries are in the log - they are failed 3-way handshakes, or ones that completed with no additional data. The problem is that "incomplete" is not an application or vulnerability that I can select and apply to rules in order to drop it. Now, I realize I could get rid of it by crafti...

aaronm by L1 Bithead
  • 5132 Views
  • 3 replies
  • 0 Likes

Monitor ISP with PA 3020

What is the method to monitor an ISP bandwidth usage through the palo alto firewall especially if you do not have google chrome?

infotech by L4 Transporter
  • 2562 Views
  • 2 replies
  • 0 Likes

Resolved! Optimizing a particular website

We have a website which all of our 500 users use daily. Our users do a lot of streaming (youtube, netflix, you name it). Depending on the user the "allow" rule for http, https and New-relic coudl be as much as 40+ rules down.Would it be beneficial to put a rule specific to that URL at the top of the site and disable AV, antispyware, "disable s...

BobW by L4 Transporter
  • 4226 Views
  • 3 replies
  • 0 Likes

Importing a Customized Captive Portal Response Page ... Uploading forever

Hi guys,I´m trying to import in PanOS 4.1.11 a Customized Captive Portal Response Page and when I click on Import the result is a Dialog Box that says Please Wait and Uploading for ever and ever.Can somebody tell me how can I import this customized response Page?Is it a bug? When i imported a URL Filtering both Block and Continue / Override Page...

Pepen by L1 Bithead
  • 4965 Views
  • 5 replies
  • 0 Likes

Domain User Names not showing in Group-Mapping

This is driving me crazy and looking for some input...I have the User-ID Agent installed on my single domain controller which is running fine and connected to the PAN on version 5. Using an example below (my domain is different), I've duplicated the Group mapping setting, but expanding the Group Include List, I can see all the groups, just not D...

robg303 by Not applicable
  • 9815 Views
  • 9 replies
  • 0 Likes

Resolved! Device administrator rights

Hi, -one stupid question: why "device administrator" can't load, export/import configuration (can only superuser)? In Setup -> Operations tab only setting is - validate candidate configuration.. If i create custom Admin role with all rights, in setup -> operations tab i only can validate configuration. And reboot device, shutdown device, ...

Interface by L3 Networker
  • 5733 Views
  • 3 replies
  • 1 Likes

Resolved! Tracking an infected computer

I got a notice from my ISP that we have a Conficker infected system (downadup) but I am coming up with nothing when I try to find it. The less than helpful info I recieve is the first octet of the target IP (38) and source port 61494, which map to hundreds of system. I also have a destination port of 80, again very helpful. The firewall is NA...

Resolved! Can I create custom application with destination IP and TCP/UDP port?

Hello,I know that FW can control application correctly when has L7 signature.But my customer want to create application signature more simple and easy for internal trust server.For example, There is 192.168.1.1 web-server. He want to create app "our-web-server" for destination IP and port are 192.168.1.1:80.Can FW be available?Thanks.

Resolved! Replay pcap

Is there any way that I could feed a pcap into the firewall? What I would like to do is take a pcap and run it through a monitor port to test out some rules and IDS settings. Right now my plan is to use tcpreplay, but I was curious if there was any way to do this natively in the firewall.

hkp by Not applicable
  • 7436 Views
  • 4 replies
  • 0 Likes

report custom

HelloI'm looking for solution how to create custom report that shows login and logout of Global VPN users. In this report I need time of connection/disconnection IP login name and status (success or false) of connection.Help me pleaseWith regardsLuigi

Active Directory Group not in dropdown

I have created a new group in Active Directory, but the PAN doesn't show the new security group in the drop down menu (Security Policy Rule -> User.Add) when adding a new policy. Is there something more that I need to do?

bmilroy by L1 Bithead
  • 4201 Views
  • 5 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks