This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

JS/Trojan.iframe virus?

Hello,I'm seen hits for the JS/Trojan.iframe virus only since last Wednesday or Thursday. Have seen them associated with three different websites. I suspect false positives. Anyone else out there just started seeing these? Was the virus definition modified last week?ThanksEric

schaleg2 by L0 Member
  • 6078 Views
  • 7 replies
  • 0 Likes

SSL VPN and iPhone OS 4.0

I was looking at the new specs for the 4.0 code of the iPhone OS, and saw that they were opening up the SSL VPN function to Juniper and Cisco.Any chance Palo Alto is working on a NetConnect app for the iPhone?http://www.apple.com/iphone/business/preview-iphone-os/

mharding by L4 Transporter
  • 40956 Views
  • 58 replies
  • 0 Likes

QoS for Microsoft Lync

We are starting the initial rollout of Microsoft Lync clients. Has anyone setup QoS for Lync on the Palo Altos? Any issues to look out for that anyone has run into? We have 6 sites that will eventually have Lync clients and I want to make sure the user experience is good. Any feedback would be appreciated. Thanks.Dan

dan_mc by L0 Member
  • 2999 Views
  • 1 replies
  • 0 Likes

Resolved! PBF for Torrent Traffic

I am trying to establish a policy to send all traffic based on bittorrent through a specific ISP.However, when I add any application under the destination application, I get the error: application 'bittorrent' is not an allowed keywordapplication 'bittorrent' is not a valid referenceI noticed that not all application are available to use in the ...

rsaber by L1 Bithead
  • 2572 Views
  • 1 replies
  • 0 Likes

Resolved! How real-time is User-ID?

Kind of as per the subject really. I'm interested in using User ID so that only authenticated users have internet access, but I'm not sure quite how "real-time" it is?Someone comes in and switches on a computer, logs onto the domain, tries to browse the web - will the Palo Alto know so soon that they are now the user logged onto a particular PC...

Resolved! meaning of source-user pre-logon

Hi,Can anyone explain what the option "pre-logon" means as a value for source-user in a security policy?I can't find anything about it. Not in the build in help, the admin guide nor the CLI reference.

nwsol by L2 Linker
  • 7748 Views
  • 5 replies
  • 0 Likes

Peer identifier for azure is required to be set

I have got a tunnel set up successfully to Azure but have had to specify the peer identifier by IP address which will not be very stable. Azure support advise that the peer identifier set by azure is dynamic and that some firewall vendors (Cisco, Juniper) do not require the peer identifier to be statically set. On Palo Alto I got:ike-generic e...

Slow download for Metasploit Updates

I have question and I am not sure if I am posting this in the right place. I am also new to Palo Alto firewalls. I have a lot of experience with Cisco and SonicWall so you'll have to excuse me if I sound a little ignorant concerning Palo Alto at the moment.This is my question/problem. I have a single subnet on my network that seems to be having ...

Resolved! Maximum profiles on PA-500?

We recently received an error on our machine that says:"Number of profiles exceeds vsys capacity (50)". Is 50 a hard limit or is there a configuration somewhere to increase this number? We don't see anything in the documentation about max profiles and max profiles by different type of box. Any help is greatly appreciated.

garret by Not applicable
  • 3294 Views
  • 2 replies
  • 0 Likes

IPSEC Site to Site tunnel With Watchguard Firewalls as peers

I have a problem with the PAN keeping a tunnel connected to Watchguard firewalls.Phase1Main ModeIKE Crypto: MD5-3DES-GP1Lifetime: 8 HoursDPD 5-5Phase2IPSec Crypto: MD5-3DES-NoPFSLifetime 8 HoursLifeSize 128 MBProxy: Local 10.0.0.0/8 Remote: 192.168.4.0/24I have tried just about every type of Authentication and Encryption possible but still c...

Resolved! Slow Identification

We are currently in the process of switching over from a Cisco ASA to 2 palo alto firewalls in high availability. We currently have one in transparent mode to provide web filtering. The other we are using in a Layer 3 configuration. We are testing some of the rules on the layer 3 box by using policy based routing to send only a few vlans to that...

cbolitho by L1 Bithead
  • 2499 Views
  • 1 replies
  • 0 Likes

Resolved! URL Filtering Continue and Override Page

I want to use Active Directory for all blocks and overrides. We currently have a Barracuda that presents a block page that presents users with password entry that utilizes Active Directory. Certain groups are allowed access. Can this be done on the PAN?

Resolved! Authenticated NTP

I checked the Admin guide 4.1, but I didn't see anywhere to set NTP Authentication to its servers or peers. Is this functionality even available in PanOS? NTP Authentication preferably via PKI in NTP v4, SHA-1, or MD5.Thank you.

mark1ped by Not applicable
  • 2885 Views
  • 1 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks