This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

PBF vs Static Route

Hi,I have traffic going from A.A.A.A to B.B.B.B,The problem this is working with the static route. But I need to use PBF instead for monitoring reasons. When removing the Static route and using PBF traffic is not reaching the target. I am configuring as follows:For PBF: If the source is A.A.A.A send the traffic to M.M.M.MFor Static route: If the...

rsaber by L1 Bithead
  • 8404 Views
  • 5 replies
  • 0 Likes

How are passwords and keys stored in PAN xml config files

Are they hashed before storing them in the config files? By the looks of them, it seems like the PAN appliance is storing them in an encrypted format. If so, can they be decrypted?For example, an OSPF key is stored as follows"-AQ==xxxxxxxxxxxxx=xxxxxxxxxxxxx=="This pattern can be observed in almost all of the keys/passwords stored in the XML con...

rajqfs by Not applicable
  • 28460 Views
  • 18 replies
  • 0 Likes

Allow Youtube for some persons and blocking it for others

Hello,I want to allow Youtube in general for a few users. For other users it should be blocked.I created a rule that all allows the youtube-application for a few users that are specified with the help of an active directory group. My second rule does only allow web-browsing and blocks other applications.This worked fine so far. After a while I n...

SSL Decryption - warnings during commit

I had setup GlobalProtect with a third party certificate that I chained together, and it works fine with no errors.Then, I began testing SSL Decryption yesterday (with an initial goal of decrypting SSL for Facebook so that I could block Facebook games). Upon configuring the Decryption Policy, when going to commit, I receive these warnings:Warni...

uscit by Not applicable
  • 4754 Views
  • 4 replies
  • 0 Likes

Resolved! Security Advisory Listings

Do others think the Security Advisory Listing should be sorted from newest to oldest ? Now it loads with issues from 2012 which I would hope have been fixed. You then have to scroll down to see what the latest one was whichtakes time, upon an initial glance you could be mislead to think that everything has been fixed.

froberts by L0 Member
  • 2285 Views
  • 1 replies
  • 0 Likes

Resolved! Pre-sales tools

Hi All, I am looking for a document or a tool that might help me to choose the right device for one of our clients relying not only on the number of users and servers but also on the unit price of the appliance.Best Regards,

Lahcen by Not applicable
  • 3383 Views
  • 2 replies
  • 0 Likes

Wildcards in URL filtering for SSL-decrypt bypass

OK, so this is driving me mad and I'm obviously missing something.I've created a custom URL category in which I wish to drop URLs that will bypass SSL decryption. In this I want to use wildcards, so that all sites for a particular company can be bypassed.For the sake of example, let's say the site I want to get to unencrypted is https://www.mic...

segmentation of bandwidth:

Hi All, One of our customers has an internet acces of 20Mbits and 4 types of users so he wants to segment the internet acces into 4 acces in order to ensure that every user groups has a bandwidth of 5Mbits. is it possible to do this treatment with a Palo Alto firewall ?BR,

Lahcen by Not applicable
  • 3914 Views
  • 6 replies
  • 0 Likes

Resolved! How Can I create custom application?

Hello Family~I would like to create custom application,,but It is hard to doanywayrecently I red custom application documentabout uploading.com\. <- why include \ character?I tried to what could have known where document;;help me please,,

ipsec-esp / Protocol 50 invisible in vwire mode ?

We have a Vwire configuration with a paloalto (5.0.6) between a third-party router and the wan port.Security policy is allow any - any for both directions/security zones, log at session start an end.Everything works (as expected), all VPN Tunnels on the third party device are up and running, but we dont see any ipsec-esp traffic in the traffic m...

register by L1 Bithead
  • 5266 Views
  • 5 replies
  • 0 Likes

Resolved! QoS Egress Max 0 = unlimited?

The default setting when creating a new QoS interface for Egress Max is 0. Does 0 mean unlimited or 0 (no bandwidth, no traffic)?Mike

mike_cc by Not applicable
  • 8193 Views
  • 3 replies
  • 0 Likes

Content version 390

Hello All, In content version 390, the ssl traffic is mis-categorized as private-ip-address as a result, this content version is pulled back. The devices which have already seen the content version 390 will try and install it even if you have reverted to previous content version. The devices which have not seen the content version 390 are ...

tshiv by L4 Transporter
  • 1813 Views
  • 1 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks