General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2857 Views
  • 2 replies
  • 13 Likes

Unable to assign Security Policy to Users or Groups

Hi -

We are using User-ID Agents to create user-to-IP mappings and I've got group mapping configured on the firewall itself and I can browse through my ldap groups.  However, when I go to Policies > Security Policy I am unable to select either individ

...

Looking for advice on App-id configuration

Looking through the white papers and documentation, I didn't really find much as to a recommendation on how to tackle the task of app-id configuration as a whole. Have any of you found any documentation that was helpful in this area? One approach I w

...

Route checking using CLI issue ?

Hello,

We are using PA3020 in L3  A/P cluster mode. PanOS is release 5.0.2.

We are using static routes to reach our different subnets.

When trying to check a route destination to verify the path using the CLI, nothing is shown as there was no route for

...

ldormond by L3 Networker
  • 3425 Views
  • 3 replies
  • 0 Likes

Current situation with Dropbox?

Hi,

what is the current "state" with PAN firewalls when it comes to decrypting Dropbox traffic? I found a lot of threads on the forum, some with contradicting information. It was said that Dropbox was put on an internal ssl-exclude list so the firewal

...

Resolved! Packet Capture stopped working

Hi,

the last days I did some captures on a PA-2020. At Yesterday I tried again but it doesn't work anymore. Tried via WebGUI and CLI.
If I start the capture it is shown running but no files are created. PAN-OS is 4.1.12.

Does anybody know this issue? C

...

JoergK by L2 Linker
  • 8441 Views
  • 9 replies
  • 1 Likes

Resolved! RADIUS and CISCO ACS v5.1

Hello!

Is it possible to configure the PA to read the RADIUS logs in Cisco ACS v5.1? Can the PA map users which have authenticated to a RADIUS server, the external DB being AD?

Resolved! Palo Alto drops current local login when using RDP

Hi!

We are currently using a PA500 appliance using User ID Agent on Windows Server 2008 R2.

My profile account (ex. super_user) is exempted to all which means I have no restrictions in accessing any websites.

Apparently, when I RDP our servers I have to

...

mapfre by L0 Member
  • 1947 Views
  • 2 replies
  • 0 Likes

Palo-Alto 500 replace bluecoat proxy server

Hi gues!

LAN -> Bluecoat | Palo-Alto -> Internet

Is any one have an experiance with raplace bluecoat proxy server with palo-alto.

Is palo-alto can be proxy server for network?

Please share your experiance.

Thanks in advance.

Ulugbekyu by Not applicable
  • 4124 Views
  • 4 replies
  • 0 Likes

Resolved! Security Profile Antivirus mail block

Hi,

when you configure imap,smtp and pop3 block and in another profile alert;

is the only difference between them is just sending back 541 response on block ?

Or They are same (block or alert no difference)

Thanks.

panos by L6 Presenter
  • 3261 Views
  • 2 replies
  • 0 Likes

Resolved! Question on Anti-Spyware DNS signatures

Hi,

as far as I understand Anti-Spyware profiles, the DNS options will find DNS lookups to known malware sites. How exactly does this work? Will the actual DNS lookup be blocked or will the client's access to the site be blocked?

Quote from the documen

...

Resolved! SSL: Firewall uses untrust-forward cert. for every site

Hi,

I just set up SSL Decryption exactly as described in the Getting Started Guide (English)

I have one trusted-forward certificate, imported into browsers, and one untrust-orward certificate, not imported into browsers.

Now when I connect to SSL sites,

...

  • 24011 Posts
  • 99 Subscriptions
Top Solution Authors
Top Liked Authors