General Topics

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

In case you missed it, check out this new Fuel Workshop series, which covers the following topics:

Customer Support Portal Overview
License Management
RMA Best Practices

Dive into the three-part Fuel Workshop video series and learn how to efficient

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

PAN only takes the first category of an URL from Brightcloud

Here is an example:

www.aetna.com is rated on the website of Brightcloud as "Business and Economy" and "Health and Medicine".

"test url www.aetna.com" results in a "Business and Economy", which could cause some legal issues when traffic to "Health and

...

Policy Based Forwarding only works when using specific IP

Thinking outloud here...

I would like to record voice traffic for VPN connected customer service agents.

Traffic comes in a VPN-HomeRouters tunnel from a 10. IP range.

The PBF works when setting source Zone and IP, Next Hop and 1 destination IP.

When i c

...

Resolved! Captive portal behavior with Ipads/Iphones

I am using the CP quite successfully. However, I am running into some strange behavior with the Iphones and ipads.

If I connect a (non AD Bound) computer to the wireless, it connects fine and I get prompted for the captive portal only when I try to g

...

Resolved! 46076 ARP issue and 5.0.1

Hey,

Has this been fixed in PANOS 5.0.1 release? It has no reference in resolved issues in release notes to that release. However this KB article says it should be fixed in 5.0.1:

Can anyone confirm that this has been fixed for 5050 and release 5.0.1?

...

Resolved! How to Ping Public IP on PA500 Interface from same PA Untrust Interface

Currently we have a Guest Wireless network setup behind our PA. We'd like to use this network as a test network as well, for certain projects we are working on, to act as if it was outside the network. I have done this in the past with other vendor f

...

ARP timeout

Hello,

We have a customer who is facing issue described by this KB article :

I wonder whether it is possible to change the default timeout value which is set to 1800 seconds ?

It could be very helpfull in some situations, and most of the network devices

...

Resolved! Check TCP sequense number

Hi

I am not sure if PA box could default check TCP sequense number ... have CLI cmd to tigger this checking

Jeff Jin

Radius access for MGT conflict radius for user access.

Dear,

we use radius profiles for internal users towards a customer internal network policy server and so. The administration of the palo firewall is done via the MGT interface on a dedicted pvlan based administration network. We want to enable radius

...

Can I use DNS Proxy to Host External DNS?

Hello,

I'm going through my first ever configuration of a PAN-500, coming from the McAfee Secure Firewall (Sidewinder). Our current firewall authoritatively hosts our external DNS records pointing to our MX records, etc, and I wanted to know if it's p

...

custom session timeout for select user group

I would like to customize the session timeout for an application for a select group of users. All others would use the default session timeout.

Thanks

Resolved! Support SSL/TLS Ciphers supported??

Hello Group

I am looking for the official list of supported and unsupported SSH/SSL ciphers on the Palo Alto Networks solution.

Maybe I am not necessarily looking in the right location.

Thank you.

Resolved! Security Profile default actions

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"

This is an unaccept

...

Product sizing

hi

what is the best way to size an appliance to find which model fits the customer network, is there a tool or a technique for it ? ..

Resolved! Interface "attack" counters

Hi,

With the command "show counter interface ethernet1/X" i see several counters related to different kinds of "attacks".

land attacks ping-of-death attacks teardrop attacks ip spoof attacks ...

How to get the client's IP address with x-forwarder-for in PAN.

How to get the client's IP address with x-forwarder-for in PAN, I need to create something to caputure this part of HTTP header?

Thanks.

Patricia.

Discussions

Fuel Workshop - Watch Now: Managing Your Palo Alto Networks Assets and User Accounts

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

PAN only takes the first category of an URL from Brightcloud

Policy Based Forwarding only works when using specific IP