This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4127 Views
  • 0 replies
  • 0 Likes

Resolved! Youtube safe mode

Hello all,Yes its youtube again, for a while now youtube has been working fine since we turned on the safety-mode feature and forced students to select safe-mode.But this week they have been complaining that not all the videos work.I have looked at the logs and there are some videos that have a url at googlevideos.com and these are using the goo...

breezer by Not applicable
  • 3066 Views
  • 2 replies
  • 0 Likes

What do WRED drops and Policing drop on qos mean?

HelloI have made qos configuration. I have questions when am checking qos.Look at the following commandshow qos interface ethernet1/1 hw-counter qid name pass bytes WRED drop policing drop--------------------------------------------------------------------------------0 default 3408809811 0...

Resolved! Captive Portal using client certificates on iOS

Has anyone been able to successfully set up captive portal +Apple iOS devices + client certificates? I have all of this set up but running into a slight issue with iOS devices(works fine with Windows devices). On the iOS device, when opening the Safari browser to get it to auth to captive portal, I get the pop-up that asks me to select the cert...

jambulo by L4 Transporter
  • 5200 Views
  • 2 replies
  • 0 Likes

If we configure Dynamic IP address pools to reserve IP addresses, is there any logging of NAT events?

I have been researching Dynamic IP NAT, and have found the option to configure Dynamic IP address pools to reserve IP addresses for translation. Taken from "Understanding and Configuring NAT Tech Note":Reserving IP AddressesDynamic-IP address pools can be configured to reserve IP addresses for translation. By default, the IP reservation setting,...

IPSEC VPN phase 1 renegotiation

HelloI am facing packet drops whenever the phase 1 re-negotiates. The SA gets expired and deleted but it takes 20 minutes for it to start the P1 phase again. In that period the traffic times out until the P1 starts again after 20 minutes. Below are the logs. I have replaced our gateway address with xx.xx.xx.xx2013-11-05 10:24:02 [INFO]: ====&gt...

shyams by L0 Member
  • 3177 Views
  • 2 replies
  • 0 Likes

Resolved! URL Filtering and SSL sites

Hi all,I have a question regarding URL filtering. I set up URL filtering in Security Profiles to "Continue" for Social Networking. I noticed that if i open the first site under social networking, i get the response page "to continue", after that if i open the 2nd social networking i do not get any prompt, it just opens. And the same for any web ...

Wusu by L1 Bithead
  • 4134 Views
  • 3 replies
  • 1 Likes

Resolved! DNS resolving

I was wondering if there is a way to resolve domain names on a Palo Alto (except ping) and not using a DNS proxy object.Kind regards,Bob

Resolved! How QOS works

Heyjust trying to figure out and play with QOS for understading on how it works for ferther implementaion of QOS policyso my environment is PA-500 with 2 interfaces in VWireethernet 1/11 - vsys3-untrustethernet 1/12 - vsys3-trusthave my computer connected to vsys3-trust (eth1/12)i have configured 2 QOS profiles one for outbound QOS and one for i...

minow by L4 Transporter
  • 5310 Views
  • 1 replies
  • 0 Likes

Pre-Logon without Windows credentials

Hello,I want to test the pre-logon feature of GlobalProtect in our environment.Our clients are using two factor authentication (eToken) for the windows login. So they don't know their windows credentials.We have already installed machine certificates on our clients and the authentication with this certificate works with GlobalProtect. Also when ...

Hithead by L4 Transporter
  • 5308 Views
  • 6 replies
  • 0 Likes

Basic QoS Understanding

So, I'm trying to get a clear understanding of QoS on the PA's. Any feedback / answers would be appreciated:Maximum Egress - Straight forward - the maximum amount of traffic you are allowing out.Guaranteed Egress - This one I'm foggy on. Is it only applied during congestion? Or does it literally "carve out" that much of the pipe for that clas...

mrsold by Not applicable
  • 10696 Views
  • 6 replies
  • 0 Likes

Slow transferspeed over IPSec against ASA5510

One of our customer has a Cisco ASA 5510.We have successfully created a IPSec tunnel and traffic flows both ways, but when trying to transfer a file, the speed caps at ~300KB/s, every 4-5 packets is dropped and the latency goes from ~3ms to 90ms.Both locations has a 100/100Mbit/s access.Any good ideas?

TJ by L1 Bithead
  • 9354 Views
  • 7 replies
  • 0 Likes

User ip mapping with only Global Protect

Hi all,i have a question regarding user ip mapping when only using Global Protect to authenticate users.Without enabling any user-id agent. Neither external on a server, neither on the firewall.It works as Global Protect identifies the logged-on user and uses this information to notify the firewall to place an user-ip mapping.But I have tested t...

Resolved! Let me know how to block virus in SFTP

Hello~As title seeI would like to block virus in SFTPas far as I know SSH Proxy is same as SSL Proxyso I installed Bitvise SSH Server(Personal Version) recentlyI have confirmed be server normallyand than I configured similar as SSL way in PolicyAlso I made Certificatebut Client became bypass PAnot exchange CertificateThere is SSH Server(Linux CL...

User Activity Reports

I really need some help in the correct process of running a user activity report. I have a request to pull the last 30 days of internet activity on a particular user. Every time I attempt this, I get strange results. Either the info only goes back 3 days, or it only summarizes based on application category with no other info. Basically, I want t...

brb by Not applicable
  • 3743 Views
  • 4 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks