This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Indicated Firewall

I want to know wich Palo Alto model is the indicated for used in a company with 10,000 users filtered.We want filtered, url, antivirus, spyware and vulnerability. The installation firewall is in level 3.Regards.Hugo

Site to Site VPN with dual ISP

I have setup my Pa2020 with dual ISP, PrimaryISP using PBF w/monitor and BackupISP setup with Static route for 0.0.0.0/0.My issues is that my Site to Site VPN stops because of a timeout. I noticed in the VPN config uses my main virual router. Since my dual ISP routing is controled by the PBF, the VPN connection cant see the gateway.is there an...

PAlmart by L1 Bithead
  • 6906 Views
  • 8 replies
  • 0 Likes

Resolved! DHCP Server netmask. How to define?

Working with the built-in DHCP server on a PA200. Running PanOS 5.0.4Eth1/3 has the address of 172.168.1.1/16I have devices with static IPS in the 172.168.1.0/24 range.I'd like to have the clients in the 172.168.2.0/24 range so I'll need the netmask to be 255.255.0.0, however, there's no way to set that (that I can see) on the PAN.Setting the DH...

Nathan.S by L3 Networker
  • 9532 Views
  • 11 replies
  • 0 Likes

Resolved! Mac OS X Keychain asks for password on every connect

We have Machine Certificates on our Mac OS X Lion clients. When the portal accesses the system keychain to verify the certificates, it prompts the users twice to allow this action.Is this expected behavior? How do we get it to stop asking for permission to access the machine certificate every time a client connects to portal?

VPN Tunnel Management

I would love to see an easy way to enable and disable ipsec tunnels and / or individual proxy ID's within the ipsec tunnel in order to force the tunnel to renegotiate via the GUI interface. Why does such a basic function not exist on the PA in the gui?-Dan

PA installs - the missing details

Hello all,since I'm just getting to grips with the support processes here apologies if I've missed a nice handy guide anywhere about this. My various questions don't seem to be covered in the Tech Notes though.I'm installing some Palo Altos in to an existing network with multiple security elements. I'm missing some of the critical configuratio...

Security policy rule to allow users to download from certain URL's?

Just implemented a 3020 and have many Engineers looking to download EXE, ZIPs and ftp to sites all over the place. I am looking to allow them to use these services to certain URLs only. i have tried to create a custom URL list and File Transfer group but the problem i am having is created a rule that allows access to certain sites but not allo...

gkauno by L1 Bithead
  • 5952 Views
  • 5 replies
  • 0 Likes

Do I Understand Profile Exceptions?

Hi,Created a Vulnerability Protection profile.Noticed that I was seeing a lot of "Microsoft Windows Registry Read Attempt" entries in the threat log. These appear to be benign. So I edited the profile, clicked the exceptions tab and checked the "enabled" checkbox for this vulnerability. I assumed this meant that this vulnerability would now be i...

charger by L2 Linker
  • 6425 Views
  • 3 replies
  • 0 Likes

Upgrading to Pan OS 5.0.4 Error

Hi All,I just attempted to upgrade my existing pan os 4.1.2 to Pan 5.0.4. Everything went fine but my main link to router was down and so there is no internet access. I restarted the router and it was still no link. So i downgraded back to 4.1.2 and the link was back as normal. Anyone got this issue ?ThanksBen

mmxong by Not applicable
  • 3823 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect license question when using different PAN OS versions

Please let me know what the license situation is for Global Protect when using different PAN OS versions:4.04.15.0Do you I need a Global Protect license when using PAN OS version 4.0?Do you I need a Global Protect license when using PAN OS version 4.1?Do you I need a Global Protect license when using PAN OS version 5.0?Thank you!

bbsoc by L2 Linker
  • 2414 Views
  • 1 replies
  • 0 Likes

botnet-domain alert in GUI

Hello,on the cli show command I see under "XX Anti spyware" profile the botnet-domains policy but I'm not able to find it on GUI under object-securityprofiles -> antispyware.Where botnet-domain behavior is configured on GUI ?thank's .. here below the Cli output:spyware { "XX Anti Spyware" { rules { simple-critical { severity c...

Resolved! Blocking Single URL

Our students have decided it is fun to install the nCage Chrome extension which changes all images on a web page to a picture of Nicholas Cage. What is the best way to block a single URL from being accessed -- they are installing it via the Chrome Web Store.We have a PAN-500.The url in question is: https://chrome.google.com/webstore/detail/ncag...

Reverse-Proxy

How can I use Palo-Alto as reverse proxy. Suppose I have a DMZ zone that has all the web servers and I want the DMZ interface to act as reverse proxy.The untrusted interface facing the internet would do the NAT translation. Then send the traffic to Dmz1 interface. At this point I want the Palo-Alto to act as reverse-proxy.

knesan by Not applicable
  • 4867 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks