This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

ARP timeout

Hello,We have a customer who is facing issue described by this KB article :I wonder whether it is possible to change the default timeout value which is set to 1800 seconds ?It could be very helpfull in some situations, and most of the network devices allow to change this value.I searched the Admin guide and CLI guide as well as the KB but I didn...

ldormond by L3 Networker
  • 4293 Views
  • 3 replies
  • 0 Likes

Radius access for MGT conflict radius for user access.

Dear,we use radius profiles for internal users towards a customer internal network policy server and so. The administration of the palo firewall is done via the MGT interface on a dedicted pvlan based administration network. We want to enable radius authentication for administrator purposes , but this seems to be impossible due to the fact that ...

gejack by L1 Bithead
  • 3377 Views
  • 1 replies
  • 0 Likes

Can I use DNS Proxy to Host External DNS?

Hello,I'm going through my first ever configuration of a PAN-500, coming from the McAfee Secure Firewall (Sidewinder). Our current firewall authoritatively hosts our external DNS records pointing to our MX records, etc, and I wanted to know if it's possible for the DNS Proxy module on the PAN-500 to do the same thing.Thank you.

Resolved! Support SSL/TLS Ciphers supported??

Hello GroupI am looking for the official list of supported and unsupported SSH/SSL ciphers on the Palo Alto Networks solution.Maybe I am not necessarily looking in the right location.Thank you.

scantwell by L4 Transporter
  • 4269 Views
  • 2 replies
  • 0 Likes

Resolved! Security Profile default actions

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"This is an unacceptable answer. Someone has the list - what's the secret? I'll bet it's even updated regularly.Come ...

dsinnott1 by Not applicable
  • 6084 Views
  • 5 replies
  • 0 Likes

Product sizing

hiwhat is the best way to size an appliance to find which model fits the customer network, is there a tool or a technique for it ? ..

u3974 by Not applicable
  • 3999 Views
  • 3 replies
  • 0 Likes

Resolved! Interface "attack" counters

Hi,With the command "show counter interface ethernet1/X" i see several counters related to different kinds of "attacks".land attacks ping-of-death attacks teardrop attacks ip spoof attacks mac spoof attacks I'm unable to find documentation or a desc...

torm by L4 Transporter
  • 4012 Views
  • 1 replies
  • 0 Likes

search traffic logs by vsys in CLI

Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.PA-1(active)> show log traffic action equal deny app not-equal not-applicable + csv-output cs...

Jinx by L1 Bithead
  • 3006 Views
  • 1 replies
  • 0 Likes

How do you allow Polycom (nat) via Palo Alto FW?

Hi,I'm having issue with configuring NATing for my Polycom unit sitting behind the firewall to work. I have allowed all the required apps for Polycom to allow outgoing and incoming. My issue is when I can only call out to another party with public IP but can't receive call from outside the network. I have both NAT rule for both ways in place....

akatev by L0 Member
  • 12428 Views
  • 15 replies
  • 0 Likes

Resolved! about certificate expired date

Hi All,Is there any way to custom certificate expired date that generate by paloalto itself ? I saw it on webpage that is too short, it only have six monthes.Thanks.Regards,Joy

Resolved! SSL decryption - Forward UNtrust certificate presented

Hello,We experienced a problem with a specific SSL encrypted site: https://panakeia.infoman.de/The original certificate is issued to "*.infoman.de" and was issued by Go Daddy (--> InfomanCert_Original.png). It seems to be perfectly valid but still our PA-2050 thinks different and presents our internal clients a SSL certificate issued by our "...

oschuler by L4 Transporter
  • 11745 Views
  • 7 replies
  • 1 Likes
  • 24380 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks