This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Licensing scheme

Hi All,

Does anyone know the licensing scheme of PAN? Any document for based license? What will happen if they don't renew any of the license? will the box still works with outdated signatures? Hope you could share any document about the licensing rul

...

TSPI by L1 Bithead
  • 1852 Views
  • 1 replies
  • 0 Likes

LifeSize

Anybody by chance have a signature for LifeSize? I added it to the applications list with just the ports used and generic categories but without a signature but it doesn't seem to be working. I thought before I dug into making my own signature I woul

...

Resolved! not-resolved URL catagories

Hello all,

Last week I did the upgrade on my PA 2020 box from 4.18 to the latest 5.0.1 version. Today is the first day that most of the staff are back in and I have noticed that a lot of people are requesting websites to be unblocked. Having looked at

...

JRussell by L3 Networker
  • 12912 Views
  • 8 replies
  • 0 Likes

How to tune wildfire rules

I am on a PA2050 using 4.1.12 in Device/Setup/Wildfire I have Wildfire enabled.  In Objects / Security Profiles / File Blocking I have rules that "ALERT" and "FORWARD" on certain file types.

My rule base for USERS connecting to the INTERNET consists o

...

EdwinD by L3 Networker
  • 4948 Views
  • 3 replies
  • 0 Likes

Resolved! missing block-url response page

Hi all,

I have a very common security rule permitting all traffic in for 80, 8080 and 443 ports, no matter the application

The attached URL security profile denies all url categories except for one (custom).

Now I've noticed not to be able to get the ex

...

Resolved! Connection Problem with Polycom VSX7000

Hello All,

I am having issues with video conferencing when using our Polycom VSX7000 which was working fine previously with our Checkpoint Firewall. When we switch over to PA-2020. We start having issues.

We are able to dial out to connect with remote

...

mmxong by Not applicable
  • 7060 Views
  • 8 replies
  • 1 Likes

Security Policy Organization

Anyone have any good tricks to organizing an ever-growing list of security policies?  We have quite a few especially with inspecting internal to internal traffic.  The firewall uses a top down approach to inspection, so I wanted to see if there was a

...

gheimer by L0 Member
  • 5424 Views
  • 5 replies
  • 1 Likes

Resolved! differentiate between IE and FF

Hi,

is it and when how is it possible to make a difference between a source which is using IE (company-standard) or firefox. I want to deny firefox-traffic.

We use v5.0.3

Cheers Klaus

kdd by L4 Transporter
  • 2287 Views
  • 2 replies
  • 0 Likes

SSL Sites bypass URL Category block

Good Day Guys and Gals

I need ideas on the following issue please! I have a block on all Social networking sites for the company. The Policy works great when the user tries to access http://plus.google.com, but when they use SSL (https://plus.google.c

...

u7285 by Not applicable
  • 7248 Views
  • 13 replies
  • 0 Likes

Resolved! Multiple IP addresses on an interface

I know that I can add a second IP to my outside interface by using a /32 instead of /24 like the first one has.  My question comes in with routing.  My default route shows a 0.0.0.0/0 going out ethernet1/1.  Since this interface has 2 IPs what IP doe

...

nthen by L3 Networker
  • 3358 Views
  • 3 replies
  • 0 Likes

Unable to assign Security Policy to Users or Groups

Hi -

We are using User-ID Agents to create user-to-IP mappings and I've got group mapping configured on the firewall itself and I can browse through my ldap groups.  However, when I go to Policies > Security Policy I am unable to select either individ

...

Looking for advice on App-id configuration

Looking through the white papers and documentation, I didn't really find much as to a recommendation on how to tackle the task of app-id configuration as a whole. Have any of you found any documentation that was helpful in this area? One approach I w

...

Route checking using CLI issue ?

Hello,

We are using PA3020 in L3  A/P cluster mode. PanOS is release 5.0.2.

We are using static routes to reach our different subnets.

When trying to check a route destination to verify the path using the CLI, nothing is shown as there was no route for

...

ldormond by L3 Networker
  • 3847 Views
  • 3 replies
  • 0 Likes

Current situation with Dropbox?

Hi,

what is the current "state" with PAN firewalls when it comes to decrypting Dropbox traffic? I found a lot of threads on the forum, some with contradicting information. It was said that Dropbox was put on an internal ssl-exclude list so the firewal

...

  • 24012 Posts
  • 102 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks