This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4113 Views
  • 0 replies
  • 0 Likes

Resolved! SNMP - partial monitoring (monitoring restricted)

Hi,I would like to know if it is possible to create an SNMP community and restrict access so it can monitor ONLY ONE interface of the firewall Palo Alto. Should not be able to monitor eg CPU utilization and memory firewall.tks, Paulo Aun

Thiago by L3 Networker
  • 3519 Views
  • 1 replies
  • 0 Likes

PA Software Update Notifications

I'm looking for a page somewhere that has the expected release dates for upcoming Palo Alto software updates. Does such a thing exist? I've looked around the site and can't find anything. We are planning on upgrading our firewalls to 5.1 but we can't find the expected release date.

User ID methods?

I am curious how many folks are now using the ID agent that is built into the PA as opposed to the agent that is installed in a windows client?I tried migrating to the built in agent but it seemed to cause excessive CPU usage on my DCs.Thanks,Bob

BobW by L4 Transporter
  • 2551 Views
  • 2 replies
  • 1 Likes

DHCP Relay and virtual routers

Hi,I have a PA500 configured with 2 virtual routersIn both virtual routers I have some zone, interfaces and networks.For example:VR1- Zone1: Network Ethernet1/1.1 - Interface Type Layer3 - Tag 1 - IP 10.168.100.1 / 16- Zone2: Network Ethernet1/1.2 - Interface Type Layer3 - Tag 2 - IP 192.168.50.1 / 24VR2- Zone3: Network Ethernet1/2.1 - Interface...

diennea by L3 Networker
  • 7322 Views
  • 9 replies
  • 0 Likes

Custom App ID - Derived from usernames/http params

I am working with a client in an interesting situation..We are basically needing to limit sections of the network where certain users and login to a web server. For example, only admins can login from zone1 and only users can login from zone2. The application on the web server is not a custom one built by the client but there is no current ID fo...

SDorsey by L4 Transporter
  • 2654 Views
  • 2 replies
  • 0 Likes

Dynamic update internal firewall

Hi all,We have an internal firewall that does not have no Internet access. I wonder what is the best way and best practice in updating the IPS / AV signature (no URL filtering).Any recommendation?Thanks

Remote Client VPN Configuration Options

Is it possible to configure remote vpn client access without a Global Protect Gateway license? It seems that remote client vpn configuration depends on HIP Objects/ Profiles, which in-turn requires Global Protect licensing. Is there a way to configure ip-sec for remote client access? The ip-sec/ ike configuration options seem relevant to site-to...

phoberg by L0 Member
  • 4637 Views
  • 4 replies
  • 0 Likes

Setting up second gateway: Gives Cert CN error

Hello all,I have a (working) Global Protect Portal+Gateway envrionment. I am now trying to setup a gateway in a second datacenter. I have setup the same GP-cert and Client-Cert, cert_Profile and GP Gateway settings. The gateway works, when setting a portal on the second datacenter machine and logging on through it, but not when using the origina...

bsanders by L2 Linker
  • 3888 Views
  • 2 replies
  • 0 Likes

How to custom a DNS query and block it ?

There has Dynamic Block Lists to block unwanted IPs.And there has DNS signature in Anti Spyware profile.Above are all helpful to block malicious sites.And if I found a bad dns query, is there any way to create custom dns block lists?

Yscheng by L0 Member
  • 2016 Views
  • 1 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks