General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2907 Views
  • 2 replies
  • 14 Likes

Resolved! Mac OSx & UserID

I have a question. Maybe someone has run across this.

I am using the server monitoring function of Palo

I realize that I can use the user-ID agent and set it to never forget the user mapping, but I am looking for a more accurate way of keeping this map

...

JoeU by L1 Bithead
  • 4927 Views
  • 5 replies
  • 0 Likes

Security Policy's and NAT

Hi,

I Have configured a BYOD wireless ssid that is being forced to the internet via a port on our 2050. I am trying to get the network to be able to contact our mail server for exchange on mobile devices and also to have access to our content server r

...

mavant by Not applicable
  • 4622 Views
  • 11 replies
  • 0 Likes

Resolved! 2 isp 2vr asymmetric

Hi,

2VR 2isp,2 seperate default GW (2 ppoe modems)

PC A ---- internet through ISP 1

we want to RDP TO ISP2's public ip and make destination NAT to PC A

How can we make this work ?

New enforce symmetric return did not work .commit fails with ppoe is not su

...

panos by L6 Presenter
  • 2926 Views
  • 5 replies
  • 0 Likes

Destination NAT/PAT clarification

Prior to shooting myself in the foot I want to make sure I'm on the right track.

I have an application where I'd like to take inbound connections directed at a particular port on my untrusted "outside" FW interface and redirect them to the same port o

...

MCmgt by L2 Linker
  • 5207 Views
  • 8 replies
  • 1 Likes

Resolved! Google Mail for Business

Hi all,

Anyone has experience in using SSL decryption with Google Mail for Business? My concerns are the incoming emails will no longer go thru our mail content filtering engine and we don't have adequate tools to prevent data loss in outgoing mails (

...

Resolved! Question regarding ARP timeout

Hi,

I have a question regarding ARP caching and timeout on the Palo Alto platform.

Based on the output of the "show arp all" command, it looks as if the "default timeout" is 1800 seconds.  I am doing some work with failover for a cluster inside my fire

...

dsulli99 by Not applicable
  • 2526 Views
  • 1 replies
  • 0 Likes

Firewall is doing packet captures on it's own

Hi,

I just noticed two traffic log entries that had packet captures attached. I didn't enable this anywhere, and just to make sure, I just went through the whole config (all profiles) to make sure I didn't enable it by accident. Are thre any circumsta

...

Groups that the user belongs to

Hi,

When we want to look at ip address of a user

show user ip-user-mapping ip  ........

Groups that the user belongs to (used in policy) comes empty.

I tried

debug user-id refresh group-mapping all

Also I can see all gorups on group mapping.

panos by L6 Presenter
  • 2028 Views
  • 4 replies
  • 0 Likes

TS Agent on Citrix XenApp 6.0 farm

Hello,

Our XenApp farm IP range is dynamic and the servers could spin up on any number of IPs within a couple of segments.  Does a TS Agent entry for every single possible IP need to be added on the PAN device, or can I configure it to look at a subne

...

CRHC by L4 Transporter
  • 3234 Views
  • 3 replies
  • 1 Likes

Resolved! How does SSL inbound decryption work exactly?

I am not looking for a guide on how to configure it, there are plenty. What I want to know is how SSL inbound decryption works from an architectural point of view. In the docs it says that once you loaded the webserver's certificate onto the PAN devi

...

Radius Authentication

Hi,

we use Vpn authentication for portal LDAP and for gateway Radius

Users can connect using their names to portal with typing user and password

after that they type another user name and password for Radius.

When we look we see the logs of users coming

...

panos by L6 Presenter
  • 1947 Views
  • 4 replies
  • 0 Likes

Resolved! Excel XLSX recognized as ZIP file

Hello,

I configured a File Blocking profile to block specific file format (like Exe, PE, RAR, etc).

Unfortunately, this profile also blocks Excel file in new format (.XLSX).

No problem, with the old format (.XLS) !!

After reading some doc, it seems that

...

licenselu by L4 Transporter
  • 4867 Views
  • 2 replies
  • 1 Likes

Resolved! Not Receiving Scheduled Reports

Kind stumped on this one. I have some scheduled reports I'm not receiving. I was getting them on a daily basis as configured in the email scheduler but they just stopped one day and no changes to the firewall were made. I've created a report group, a

...

Palo Alto as a route reflector

Hi,

I have a couple of PA-500 clusters and I want to use them as route reflectors for my internal BGP network. There doesn't seem to be anything in the documentation on how to do this but the documentation suggests the Palo will do it, I was wondering

...

Gareth by L1 Bithead
  • 2966 Views
  • 5 replies
  • 0 Likes

Resolved! Some has a problem blocking Youtube Application?

I recently had problems with blocking youtube, I added a policy where I deny the application access to youtube. When I go to the YouTube page and I try to watch a video, the first time if it hangs correctly, but if I try more times with other videos,

...

  • 24022 Posts
  • 99 Subscriptions
Top Solution Authors