General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 355 Views
  • 0 replies
  • 2 Likes

Resolved! How do I block all URL traffic but a select few?

This question has been asked in a couple of different ways without a definitive answer that I can find.

My challenge is that we have an external engagement space where designers (internal and external) collaborate on projects. Users thin client into t

...

dmcgee by L0 Member
  • 10392 Views
  • 5 replies
  • 1 Likes

Resolved! Display 'Last logged in' info on user's logon screen

Hi,

Is it possible to display the timestamp of the last login on the logon screen (both in captive portal and at the globalconnect remote client)?

I think this is a nice assurance for the user to actually check that noone has used his account since his

...

HA Primary

Why is it when I have a HA pair with an identical link failure on both devices (same monitors configured), the device with the higher 'device priority' value (least preferred) becomes the Primary device?

When a pair of devices has the same failure the

...

Palo Alto start up queries

Hi everyone,

Just have some queries on Palo Alto firewalls posting some questions. Help on these is much appreciated.

  1. what does the following  command do

   > show neighbour all

Does this function like Cisco discovery protocol to identify the peer CISC

...

srikanth by Not applicable
  • 2632 Views
  • 1 replies
  • 0 Likes

Resolved! Syslog - What IP is Sourced in Syslog?

PA500 and syslog? What IP (or interface) is sourced from the PA to a syslog server? Is it a management interface? If you have multiple assigned management interfaces, which one?

Thanks.

dudesdad by Not applicable
  • 4071 Views
  • 4 replies
  • 0 Likes

Resolved! SSO Requirements

As with most things GlobalProtect I am having issues with a customer and am finding it difficult to find out why.

I guess the first question is do you need to use client certificates in order to use SSO with global protect?

The issue the customer has i

...

Resolved! unauthenticated users

Is there a simple way to prevent unauthenticated users from accessing the internet from the inside?

It is my understanding that you cannot negate AD Groups? True?

I was hoping to create a policy like this that would deny any unauthenticated users from

...

Resolved! User-ID functionality for 5.0+

I am playing around with a new PA200 we recently purchased. I am interested in learning more about he new User-ID functionality that is built into firmware version 5.0+. Is there any documentation, white papers, etc. that I could use to try and get t

...

AD Tools and Lync do not work over our SSL-VPN

I connect to the VPN (NetConnect). I get all my ipconfig correctly. I can ping anywhere in the network.

If I bring up an MMC I can add an RDP snap-in and RDP to machines.

However, the AD, DNS, DHCP snap-ins cannot connect to our servers.

Checked the fir

...

Resolved! Apple or Mac viruii scanning

Group

I have a student in one of my classes who asked what scanning techniques do we have, surrounding the AV security profiles that we apply.

Apple File Protocol is not one of the 6 precanned decoders that we apply in our AV scanner.

How does/would Pal

...

scantwell by L4 Transporter
  • 2036 Views
  • 1 replies
  • 0 Likes

Resolved! HOW to disable DHCP Lease start in system log

Hello,

DHCP server is enabled on PA for some customers.

It works fine BUT it creates a lot of entry in the sytem logs.

( receive_time leq '2013/02/06 11:49:27' ) and ( subtype eq dhcp ) and ( severity eq informational ) and ( eventid eq lease-start ) an

...

licenselu by L4 Transporter
  • 3070 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect Setup

I have attached pictures of my current Global Protect setup. Now we have had a request to allow IPAD's, and Android tablets on to the VPN. Can I have multiple profiles? One for our Domain laptops and one for tablets? I see from the documentation that

...

Resolved! Selective cut-paste of the config

Hi,

I have to deploy 9 PA boxes. I would like to create all objects on one box and copy that section to all the boxes. How do I achieve that? The config seems to be in XML format and section cut-paste is not working on command line. So far only way I

...

smunzani by Not applicable
  • 5400 Views
  • 5 replies
  • 0 Likes
  • 23673 Posts
  • 108 Subscriptions
Top Liked Authors
Labels