This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! NAT to multiple https sites

It is possible to NAT to multiple internal https sites behind a single external IP address? If so any guidance on how to create the NAT policy would be most apprecaited.

tjcarter by L1 Bithead
  • 8019 Views
  • 10 replies
  • 0 Likes

PA-500 dual internet connections

Hello all,First post here!!I have a PA-500 that I'm trying to add a second internet connection to and I'm running into an issue. The goal here is to keep the primary line (a bonded T1 solution) for corperate traffic such as VPN tunnels, remote connectivity, SIP phones, mail delivery and then add the second line (a standard cable line) for genera...

Resolved! Block DMZ specific URL

Hi dear,I wanted to block from Internet a specific URL on our publicwebserver that located on our DMZ:We have a webserver on our DMZ example (https://toto.ourcompany.com) so we havea policy that allow from Internet to access this webserver by SSL, what I wantto do is to block only for example (https://toto.ourcompany.com/Web/login.html).I did a ...

BSadozai by L2 Linker
  • 3374 Views
  • 2 replies
  • 0 Likes

Routing to the same IP address via different tunnels.

routing the same IP within a VR via 2 different ipsec tunnels, I currently have a primary tunnel and a backup tunnel built for a customer. All traffic from this customer comes from the same PAT address to my firewall. I have 2 static routes going to the same IP addresses via 2 different tunnel interfaces using a metric of 1 for the primary and...

cmoore50 by Not applicable
  • 3318 Views
  • 1 replies
  • 0 Likes

How do you duplicate a device group

Mite seem like a simple question, but it seems you can only clone/duplicate the security rules within the same policy you cloned/copied it from. Im trying to create a new device group and use existing security rules from an existing device group without having to rewrite the same security rules in the new device group. Thank You.

jessiea by Not applicable
  • 8974 Views
  • 5 replies
  • 0 Likes

How to logout users from CLI and Web UI

Hi was wondering if we can logout users who are authenticated from Radius and local database if we have super user permissionsAlso will i be able to clear commit which is already in progress because if i stop a commit and try commit at a later time it shows me error saying that there is a commit in progress and will not work unless I restart the...

srikanth by Not applicable
  • 27395 Views
  • 4 replies
  • 0 Likes

Apps & Threat update link not visible

Hello Guys,when I was about to update the latest Antivirus, Applications and Threats (Device>Dynamic Updates) of the box, I noticed that the update link for Applications and Threats are not visible. I tried to restart the box but still the link did not appeared. I have attached here the screenshot showing the scenario.By the way I already up...

Zone Assignment

In PanOS, how are the zones established for inbound rules? I have a bi-directional NAT created for a device located in a DMZ. I also have a security policy allowing traffic to the NAT address from the untrusted zone (Internet). When traffic comes in, it is marked as source zone => untrusted, destination zone => trusted and denied becaus...

jpvh1234 by L0 Member
  • 3024 Views
  • 1 replies
  • 0 Likes

Duplicate Address Detection (DAD)/Gratuitous ARP

hi!I was wondering if a PAN firewall performs Duplicate Address Detection (DAD) by sending ARP Request packets for IP addresses on an interface once it is connected to a switch? does it do it only for the primary address on an interface or does it do it for all the IP addresses that are configured as aliases on an interface?we have noticed that ...

santonic by L6 Presenter
  • 5554 Views
  • 1 replies
  • 1 Likes

Resolved! Reset ports to default settings

Hi,How do I set the port to default settings. Once you configure a port, if you don't use it still shows as Red color. I would like to set it to default set where the color is gray.Thanks in advance.

Resolved! Question Regarding Rule Processing Behavour with Multiple Virtual Routers

So I have a few virtual routers on my PA 4200.I have one VR that every packet touches more or less before it gets sent on its way. Every Interface has its own zone.So,a packet comes into the main VR (VR1). A route is found, NAT rules are processed (none found) and a security rule is hit, packet is allowed through and a (firewall) session is crea...

choff123 by L3 Networker
  • 3550 Views
  • 4 replies
  • 0 Likes

New User-ID agent 5.0.1-2

In User-ID Agent Release Notes is mentioned:Addressed Issues 5.0.1The following issues have been addressed in this release:• 46473 – Not able to install the terminal services agent version 5.0.0 on a Windows Server 2003 R2 system. Support has been added for this version of Windows.But this is release for User-ID agent and not Terminal Services. ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks