General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Still no way to set SPECIFIC threat exceptions???

I created this thread over a year ago...

https://live.paloaltonetworks.com/message/3636#3636

...is there still no more intuitive way to be more granular when it comes to creating threat exceptions? I'm still having the same problem I report at the bott

...

jambulo by L4 Transporter
  • 1571 Views
  • 4 replies
  • 0 Likes

Application bit-internal cannot be allowed.

How can I allow application bit-internal in my policy? This application is blocked by last rule (explicity block rule). I didn't see application bit-internal in my Object->application database and I can't use it in policy. We have PANOS 4.0.8 and app

...

darkfibre by Not applicable
  • 2359 Views
  • 5 replies
  • 0 Likes

Trouble setting up Globalprotect

Hello,
I'm tring for a week now to configure Global Protect. And have only been partially successful.

My config is PanOS 4.1.1 and GP client 1.1.2 on PA 2050 Boxes. No GlobalProtect Licence.

I encountered 2 Problems which I can't solve.

1.
I have configur

...

PA 5000 series users

Is anyone else running this new hardware platform besides my company?  We are running into a huge amount of issues and I would like to know if it's just us or not.

Creating Zones (Sub-Zones) on PA-500

Hello,

This question might sound very stupid, but never mind: 

I have a PA-500 configured which does a specific job which does layer 3 and that requires creating a lot of zones in-order to differentiate the traffic ( as per my understanding, zones are

...

SSL Over-Ride Page

Hi,

Anyone had any luck with getting the SSL URL Over-ride page to display without a certificate error?

If I have 'transparent' mode enabled for this function I get a certificate error (it appears to replace my URL with the IP address, port 6083, which

...

apackard by L4 Transporter
  • 874 Views
  • 1 replies
  • 0 Likes

Virtual Routers as High Availability

We have a less critical PA firewall system connected to an HSRP pair on the internal interface and an HSRP pair on the external interface.

What is the best way to configure these systems to ensure the most availability of the routes so traffic can con

...

blogspot.com application

Hello,

I'd like to differenciate blogspot.com websites that contain adult content from others blogspot.com sites.

I noticed  that blogspot.com adult content sites redirect the requested url to a page for content acceptance.

Is possible to block this beh

...

is it possible to make an aggregation of HA3 interface?

Hi there.

I have a question relevant to Active-Active HA.

This is example for a question.

I must configure Active-Active HA With PA-5050 of 2.

And external interface must aggregate with two or more interfaces to support 2G traffic. (Customer average tra

...

willstech by L3 Networker
  • 1013 Views
  • 1 replies
  • 0 Likes

Close Global Protect

This might be something silly I am overlooking, but of the 3 computers I have Global Protect installed none of them can close Global Proect when done with it. Even going in and trying to end the process just makes it open a new instance. Has anyone e

...

Linwood by Not applicable
  • 4710 Views
  • 12 replies
  • 0 Likes

Url Filtering Virtual Wire

We are waiting on some changes with our carrier and are using PA2050 set up as a virtual wire. I am trying to enable url filtering and when I enable the rule, it blocks all HTTP traffic.

When i set policy to deny, it denies all traffic. Thoughts?

BGP RIB-out prefix

I've setup bgp with this guide(for active/passive configuration):

https://live.paloaltonetworks.com/docs/DOC-1572

I needed to prioritize one ISP so I changed configuration with this guide:

https://live.paloaltonetworks.com/docs/DOC-1573

and

https://live.p

...

mribic by L0 Member
  • 2603 Views
  • 3 replies
  • 0 Likes

Block skype partially work

Hello,

I have panos 3.1.10 and I have rule to block skype and skype-probe application.

I'm using skype client 5.6.59.110 and the behavior is the following:

- skype client authenticate and goes  online

- contact became green (online status)

- Calls doesn't

...

Top Solution Authors
Top Liked Authors