This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

Resolved! 4.1.7 inspection causes corrupt download and speed issues

I have two 2050's in an HA pair A/P on 4.1.7. I have a BGP setup with 100Mbps on one link and 250Mbps on another, and Gb to the LAN and DMZ. I have transferred just over 3G through the PA in the last 60 minutes.When I turn on inspection (Antivirus, IPS/IDS, Data Filtering, File forwarding) I see corruption in downloads. For example, when d...

EdwinD by L3 Networker
  • 8800 Views
  • 9 replies
  • 0 Likes

Exclude iTunes/App Store from decryption

I am using SSL decryption for all outbound traffic. Prior to the decryption rule I have a rule to attempt to exclude iTunes and App Store traffic from decryption. The rule seems to be working, but the App Store fails with "NSURLErrorDomain error -1012". When I turn off all decryption the App Store works.My rule is setup for no-decrypt from any...

Resolved! easy question, routing problem

Hello,I think it's an easy question, but I can't solve it.This is the situation. We have two routers.Router 1 (bintec RT1202) has two ethernet interfaces with different subnets sub1 (172.16.10.0/24), sub2 (172.16.20.0/24).Router 2 is our palo alto PA-200. It has one ethernet interface sub1(172.16.20.0/24)(just for the test).Now I want to make a ...

IDS_1 by Not applicable
  • 8518 Views
  • 6 replies
  • 0 Likes

Resolved! Can AD User Agent 5.0.0-22 be used with PanOS 4.1.x?

I have a large number of AD servers at remote locations all running AD User Agent 4.1.6-5. I do have problems with PanOS 4.1.7 talking to this user agent; it forgets who is signed onto a PC.Can I install User Agent 5.0.0-22 on my AD servers and expect my 4.1.7 - 4.1.9 PanOS firewalls to talk to this new user agent, as well as function properly?

EdwinD by L3 Networker
  • 2480 Views
  • 1 replies
  • 0 Likes

Resolved! Panorama 4.1.8 LDAP Failure

Having upgraded our Panorama from 4.1.7 to 4.1.8 - we can no longer use the LDAP user authentication.The user constantly gets "invalid username or password" (same message on the Panorama) - yet this worked without any problems with 4.1.7On Panorama - one can see that in the LDAP profile - the Base option is never getting populated (dropdown opti...

sitecore by Not applicable
  • 14480 Views
  • 22 replies
  • 1 Likes

Resolved! how to config data filtering profile?

Hi All,I want to setup data filtering profile for security issue, however the document is too old that I have, it for PANOS 2.1.5.Is there any recent update about how to config data filtering ?Regards,Joy

source nat with dual ISP configuration having issue.

Hi,am running panos 4.1.7 on PA-500 , recently i configure two isp on the pa500 for redundancy , i followed the procedure in DOC-3579 everything is fine except for the source nat policy when clicking on commit , it returns that nat rule1 shadows rule2 which leads to after a failover occurs the source nat for primary isp is taking precedence ove...

Resolved! Global Protect CLient "Startup Before Login"

Is there a way to have the Global Protect client interface show up before a user logs into Windows? For example, They want to manually connect to VPN before they login to their Windows machine. Thanks

eputnam by L1 Bithead
  • 3928 Views
  • 4 replies
  • 0 Likes

NAT inside VPN Tunnel

I have to create a VPN Tunnel to an untrusted network (business partner).I found out I will have to advertise all of our subnets to the parner, server nets, user nets, all of them...I will make some firewall rules to restrict traffic but also ...Is there a way I can setup the VPN but then NAT INSIDE the VPN so the remote side does not have to se...

choff123 by L3 Networker
  • 2374 Views
  • 2 replies
  • 0 Likes

Global Protect - how to do it?

HelloI havent licence for GP but I have a problem to solve ...I have 3 types (groups) of clients:(1) must have internet access with av/antyspyware/etc profiles.(2) must have internet access like (1) plus RDP to some host in local zones. Every client must have their own policy thats tell with server will be available to this person by RDP session...

_slv_ by L4 Transporter
  • 3275 Views
  • 3 replies
  • 0 Likes

Hit-Statistics per Security/NAT Policy

Hi,I would really like to see how often a security policy is hit. We came from Sonicwall to Palo alto, and this is one of the things i miss the most.Maybe there's a CLI command for it ? I didn't find it so far.Hope you can help me out.Kind regards,René Posthumus

APT Attacks

APT attack is one of the things the security industry is focusing on these days, and something that we should be aware of as well. In case a RAT (Remote Access Tool) gets installed on the user’s PC, an attacker can access and download all files within the victim’s PC. By having encryption on the documents, it eliminates the threat of allowing th...

Resolved! Testing IPv6 using test-ipv6.com

I'm unable to successfully complete test-ipv6.com (10 out of 10) without doing either 'Any' application or adding unknown-tcp as an application.When I do just web-browsing, I get denies on 'unknown-tcp'.Is there something different I can do without allowing wide open browsing for IPv6? Is this a deficiency in the Applications list or the way w...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks