General Topics

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer!

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free

Hey Everyone!

The Fuel User Group is now part of LIVEcommunity! If you haven’t come across Fuel before, it’s a space where you can connect with fellow cybersecurity folk, share knowledge, and learn from each other. It’s completely free as well! Fue

...

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

cannot block hotspot shield

HI

it seems it has became vey diffcult to block hotspot shield , even though the application is being idenfied by palo alto , still hot spot finds it way by port 80 . is there any way to block hot spot shield.Also From IPAD/IPHONE it is easily connect

...

Resolved! User-ID agent , custom agent sequence or agent priority.

Hello,

I know PANOS-5.0 provide custom agent sequence function.

Does PANOS-4.1 have same function such as custom agent sequence or agent priority???

I use two User-ID agent.

Does Palo Alto Device receive ip-user mapping information from all(two) agents

...

Globalprotect and Lenovo/Stoneware's Lanschool

Good morning, all!

For the past several months, we've had an ongoing issue with our student's take-home 1:1 netbooks. Once they attach to the globalprotect portal/gateway, they won't work with LanSchool any longer.

First, the environment background:

PA

...

PanAgent support

After upgrading to Panos 5 from panos 4.0.11 ; Can we use panagent or should we use user-id agent ?

panagent version 3.1.2

Resolved! Block users

Is there a way to block Guest users using their personal device with the virus or malicious software on it from accessing our network and notify them immediately using response or some sort of redirect page to contact support. Can PAN do this? If so

...

5.0.3 - Panorama Hanging on Commit

Has anyone else, with a 5.0.3 install, seen Panorama hang - requiring a hard (in the VM sense!) reset?

Twice within 48 hours of upgrading to this version have I had Panorama freeze totally when commiting.

First time was a local commit (saving a policy

...

What are recommended storage retention thresholds for URL Filter logs to achieve custom detailed date range reporting?

Depending on the hardware and disk sizes e.g PAN-5020, what are recommended URL Filter logs retention durations.

Most often we'd get

...

Resolved! PanVPN agent

Hello admins.

I read in documentiotion that there is VPN client software for Palo Alto devices.

I wanted to try it out, but my licence expired and I can`t access to software page (if there is one).

I would like to know if system supports "client VPNs" (

...

Internet load balancing

Hi i have 5 internet connections (two dedicated links with different ISPs and 3 shared links with one ISP) , I need to configure the 5 untrust zones for internet and one for trust how i can configure the VR and how i can i use PBF per group of users.

...

Resolved! Deploying LSVPN ( Large Scale VPN) with NAT !!!

I'm newcomer with Palo Alto. I have project to deploy PA using LSVPN . But there is a problem because The Internet Link from ISP & MPLS must Via Router Cisco.

But I wonder , when using Router at Border , that means you must NAT Public IP to Private IP

...

Resolved! GlobalProtect certificates

In my company we have AD and our internal CA. I want to use our internal CA for GlobalProtect. What I have done so far:

I've import our root CA to PA500 (PANOS 5.0.3).

I've generated web server certificate and imported it in PA500

I've cr

...

Monitoring and Blocking eMail

Hello,

I want to know how I can do the following questions:

1.- How can I block in gmail application the access to all the mails like this xxxx@gmail.com, but allow the access to emalis like this xxxx@domain.ec that also are associated with Gmail.

2.- H

...

Resolved! Global Protect Usage Report

I have created a custom report to track all VPN users by subnet.. I parsed it to user and total bytes.. however, I can only get maximum 500 lines.. we have 1000 GP users, anyway around this?

Resolved! FIPS mode IPSec cipher suite subset

When you enable FIPS mode on the firewall, what are the subsets of cipher suites available that the admin guide is referring to?

Admin guide -

"When configuring IPSec, a subset of the normally available cipher suites is available."

Mail server getting blocked when downloading files

I have an exchange server that is getting block-continues for file types that are not being explicitly blocked...pdf, jpg, etc.

It has no way to continue.....

I believe it must be some default behavior I am not aware of in the AV or AS profiles?

Where a

...

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

Fuel User Group is Now Part of LIVEcommunity – Connect & Learn for Free