This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Wildcards in URL filtering for SSL-decrypt bypass

OK, so this is driving me mad and I'm obviously missing something.I've created a custom URL category in which I wish to drop URLs that will bypass SSL decryption. In this I want to use wildcards, so that all sites for a particular company can be bypassed.For the sake of example, let's say the site I want to get to unencrypted is https://www.mic...

segmentation of bandwidth:

Hi All, One of our customers has an internet acces of 20Mbits and 4 types of users so he wants to segment the internet acces into 4 acces in order to ensure that every user groups has a bandwidth of 5Mbits. is it possible to do this treatment with a Palo Alto firewall ?BR,

Lahcen by Not applicable
  • 3825 Views
  • 6 replies
  • 0 Likes

Resolved! How Can I create custom application?

Hello Family~I would like to create custom application,,but It is hard to doanywayrecently I red custom application documentabout uploading.com\. <- why include \ character?I tried to what could have known where document;;help me please,,

ipsec-esp / Protocol 50 invisible in vwire mode ?

We have a Vwire configuration with a paloalto (5.0.6) between a third-party router and the wan port.Security policy is allow any - any for both directions/security zones, log at session start an end.Everything works (as expected), all VPN Tunnels on the third party device are up and running, but we dont see any ipsec-esp traffic in the traffic m...

register by L1 Bithead
  • 5200 Views
  • 5 replies
  • 0 Likes

Resolved! QoS Egress Max 0 = unlimited?

The default setting when creating a new QoS interface for Egress Max is 0. Does 0 mean unlimited or 0 (no bandwidth, no traffic)?Mike

mike_cc by Not applicable
  • 8132 Views
  • 3 replies
  • 0 Likes

Content version 390

Hello All, In content version 390, the ssl traffic is mis-categorized as private-ip-address as a result, this content version is pulled back. The devices which have already seen the content version 390 will try and install it even if you have reverted to previous content version. The devices which have not seen the content version 390 are ...

tshiv by L4 Transporter
  • 1786 Views
  • 1 replies
  • 0 Likes

vpn-ssl Global Protect

helloMy problem is that when a user connects to the overall ssl vpn-protect this lifetime login settings in 1 day and the settings I have for inactivity logout is 3 hours and although the user activity during those three hours it off after that time is not respecting the settings that. I can do about it?

itstrap by Not applicable
  • 3056 Views
  • 2 replies
  • 0 Likes

Resolved! Session Timeouts

So my question is pretty simple.How are timeouts handled on these devices. Does it matter if I have rules based on services vs. applications?We have our global settings on the box set for TCP 3600. We have rules that are service based and ones that are application based. When the firewall identifies the application is seems like it defaults t...

smccall by Not applicable
  • 4964 Views
  • 4 replies
  • 0 Likes

Use x-forwarded- for to apply policy?

Dear all,I have a very important question and need your fast reply please.Can I use x-forwarded-for to show the ip address of the coming users behind a proxy and THEN apply policies based on these users?This scenario intends to apply policies per users while reaching the Firewall with the ip of a proxy. Can I?

gshaker by L1 Bithead
  • 3386 Views
  • 3 replies
  • 0 Likes

Resolved! Webbrowsing on non-standard http ports....

What is the best way for me to implement a rule that allows http traffic over non standard ports?Our security standards require that we use a feature similar to what is available in Checkpoint that allows us to lock the port down based on protocol. Ex: port 55000 is open and allowed assuming the traffic is http or https.Any help would be appreci...

smccall by Not applicable
  • 5115 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks