This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

vpn between nortel and PA-500

Hi All,I have nortel vpn router 1750 in our main site and PA-500 in the branch, I need ipsec tunnel between devices. Nortel has static IP, but PA dynamic. I found that Nortel has site-to-site, initiator and responder options. which option I have to use site-to site or responder? can PA become Initiator in this case?Thank you.

Aslidin by Not applicable
  • 2823 Views
  • 2 replies
  • 0 Likes

Anyone Blocked a specific file from being downloaded?

Hello All, I am wondering if there is a way to block a specific file from any internet source. We would like to block users from grabbing a specific unsupported browser. (when you have 85k+ workstations - you need to keep them uniform for supportability ) I am looking at the File Blocking option and it doesn't seem to allow for specificatio...

Art by L3 Networker
  • 7563 Views
  • 7 replies
  • 0 Likes

Resolved! page cannot be viewed properly

Hi,There is a web page that cannot be viewed properly because of ssl decryption.Decryption is made for gmail applications by using custom urlIs there a way to fix that without disabling ssl decryption ?

Resolved! DHCP Server Delay

Hey all,Has anyone ever encountered a delay when the PA is handing out DHCP? I have a test network setup to do some captive portal testing for our guest network and I'm noticing it's taking anywhere between 5 - 25 seconds to get an IP address. Wireless network is set for open with no encryption (just for testing remember).Not saying it's not s...

mrsold by Not applicable
  • 5287 Views
  • 3 replies
  • 0 Likes

Resolved! Threat Log filter by 'Name' field

I've got a potential client that is trying to filter the threat log by the threat 'Name' field. He wants to see all from a specific threat.Normally you click on the item and it puts it in the filter bar but here when you click on the name you get a pop up with the details on that threat. I've tried a bunch of combinations and can't find anythi...

icmp redirect support

Hello,simple question:Does PA devices send / support icmp redirect ?Use case:PA device is the default GW for local LAN subnet (A).PA device has a route to an another subnet (B). The next hop is on his LAN Interface.Local Clients devices has only a default GW to PA LAN Interface.From my understanding and some tests:PA device does not send ICMP re...

glebon by Not applicable
  • 7611 Views
  • 3 replies
  • 0 Likes

Resolved! Licence problem with Iphone/Android GlobalProtect client

Hi,In our university, we have two PA-5020 (PANOS 5.0.5) with VPN service configured in actif/passif mode.We don't have gateway and portal licences activated, as we only need one GlobalProtect portal and one GlobalProtect gateway.Users with Windows or Mac OS can connect with the GlobalProtect client without any problem.However, with the new Globa...

cnamurdc by L1 Bithead
  • 4883 Views
  • 2 replies
  • 0 Likes

How GP selects between SSL and IPSEC?

Hi,I have recently noticed that most of my VPN users with Global Protect are connected with IPSEC.Before that, two or three weeks ago, they were mostly connected with SSL.How can it be like that?Is it related to some parameters on our PA-5020 (PAN-OS : 5.0.5)?Thanks for your help.Regards,Sylvain Fouqueray

cnamurdc by L1 Bithead
  • 11770 Views
  • 3 replies
  • 0 Likes

Resolved! Trying (still) to understand Wildfire

I got two files sent to me for analysis and I ran them through Wildfire to get a verdict...Unfortunately im still not comfortable with what Wildfire thinks is a malware and what me (and obviously the rest of the world) belives is a malware...Could perhaps somebody from PaloAlto themselfs (or somebody else) explain to me why both files have the v...

mikand by L6 Presenter
  • 6515 Views
  • 7 replies
  • 0 Likes

User ID from eDirectory, multiple IPs per user

Hi,for identifying users on an PA-3020 with PAN-OS 5.0.5 I use a combination of reading the information from eDirectory, XML-API and captive portal.I am now facing the problem that users which use different computers at the same time with their user account which is authenticated against the eDirectory (for example one at their workplace and ano...

Resolved! Panorama 5.1 on VMWare Workstation 9.0

Has anyone got it to work?I need to prototype a configuration for a customer who wants to move to 5.1, and all I have access to is VMWare Workstation 9.1. I thought that would not be a problem, but perhaps it is? I'd be working within the 30 day trial window.Firstly, whenever I try to import the OVF file, I receive a message saying that the file...

PA 4020 and PANOS 5.0.6 dataplane CPU spikes: anyone else seeing this?

We upgraded our PA 4020 to PANOS 5.06 (thankfully it's only in tap mode, no traffic is running through it). Our PA 4020 is kind of our "canary in the mine" so to speak when it comes to upgrades, and maybe having that implementation is proving itself out right now.Anyway, has anyone see dataplane CPU spikes on 5.0.6? See the nice little spikes on...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks