General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! How to see historic load (CPU load) stats on 4020?

Let me start by giving the traditional, ive rtfm, this forum wont let me search it and ive tried hard to find it myself.

I need one simple thing. How much load is on my FW and whats the load been historically? Where the heck can I find this? All I can

...

Global Protect certificate Error: Certificate 'certname' failed to load: parse tbs certificate not supported algorithm

What dose that error mean?

Im trying to get a simple certificate from an w2k8 server CA to use in the Global Protect.

The Secure WebGui certificate works fine.

Thx in adavanced.

Resolved! How to protect an https webserver in the dmz with vulnerability protection ?

Hi guys,

the vulnerability protection is a really nice feature of the PA.If the PA is able to take a look at the traffic

this should work fine.

But how does it work if the webserver in the dmz only accepts https connections ? So the possible attacker co

...

Traffic shaping and QOS clarification

Hello

I try to do some traffic shapping for a server to control the traffic used by this server over internet, generally this was easy done over our old netscreen/juniper FWs

when i tried to figure it out over our PA 2020, i passed throught a not that

...

About undecided application.

Hello guys.

I have some question about APP-ID.

For session browser, PAN recognized application was UNDECIDED and traffic was passed and state was ACTIVE. so traffic was not dropped but why PAN could not recognized application properly and recognizing U

...

URL filtering block page

I would like to customize our block page to show the ip address of the user.

How do we add this on the html code of the blockpage?

I have the entry <p><b>IP:</b> <user/> </p> in my block page, but it shows the username instead of ip address.

Any thought

...

Resolved! Block FTP Brute Force Attemps - Threat ID 40001

Hello,

I want to block Block FTP Brute Force Attemps.

The default rule in the PA alert only in theThreat log.

I added a new Vulnerabolity Protection Rule:

Action: Block

Host type: Any (also tried Server)

Category: brute-force

Severity: Any

CVE: Any

Vendor ID:

...

Resolved! AD Groups Not Showing Up

I'm using User-ID and Active Directory groups to identify traffic from specific people. The User-ID part seems to be working because Source User shows up in the logs and I can configure firewall rules using individual user-IDs.

However, I'm having

...

Resolved! PAN radius dictionary for free-radius

Hi,

Is there a radius dictionary file for use with free-radius?

Regard's

Resolved! Multiple Block Pages?

Hello,

Is it possible to create/select/use a custom response/block pages for specific URL categories? For example: can I have one specific custom response page for "unknown" categories, and another block page for "malware" categories?

Thanks,

-Paul

Resolved! Best practice for committing changes in active-passive HA?

When making policy changes in an active-passive HA pair, do you usually edit and commit the policy using the active device, or the passive? I have always made my changes on the active device, but lately I've been thinking that because the management

...

IPS \ Application Signature

Hi all

I need to write ips / application signature to recognize sender and recipient in SMTP

for example:

If smtp sender A send mail to recipent B - Allow.

If smtp sender A send mail to recipent C - Block

I will be happy if anyone know how to do it.

Alon

Resolved! Adding user accounts to Local DB via a Captive Portal web form

I was wondering if there's a way to create a web form on the Captive Portal so that a user could create their own account and have it added to the PAN Local DB via an API?

Thanks,

Jeff

GP VPN dual factor auth, and contractor access.

I have two questions regarding the Global Protect Gateway / Portal (SAN the GP Licensing)

- I am wanting to setup two factor authentication for users to authenticate to Global Protect Gateway/Portal with a (common) client certificate installed on thei

...

Chrome Updater not working if EXE is blocked / application not recognized

Hi,

in one customer setup we face the following problem: We disabled EXE file downloading. In order do allow services to update we use an application filter with subcategory update and allow that traffic. Works like a charm for google-update, ms-updat

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! How to see historic load (CPU load) stats on 4020?

Global Protect certificate Error: Certificate 'certname' failed to load: parse tbs certificate not supported algorithm

Resolved! How to protect an https webserver in the dmz with vulnerability protection ?

Traffic shaping and QOS clarification

About undecided application.

URL filtering block page

Resolved! Block FTP Brute Force Attemps - Threat ID 40001

Resolved! AD Groups Not Showing Up

Resolved! PAN radius dictionary for free-radius

Resolved! Multiple Block Pages?

Resolved! Best practice for committing changes in active-passive HA?

IPS \ Application Signature

Resolved! Adding user accounts to Local DB via a Captive Portal web form

GP VPN dual factor auth, and contractor access.

Chrome Updater not working if EXE is blocked / application not recognized

On premise RSA MFA setup.

No ping reply via Palo to Palo S2S

PA not be able to access internet

SSO Palo Alto Support Portal

IPv6 on public interface

SYSTEM ALERT : medium : MLAV: Unknown error

Re: SYSTEM ALERT : medium : MLAV: Unknown error

Re: SYSTEM ALERT : medium : MLAV: Unknown error

Re: ACC shows ipv6 addresses in source/destination IP

Re: Howto delete sub-interace from cli

Unlock your full community experience!

Resolved! How to see historic load (CPU load) stats on 4020?

Resolved! How to protect an https webserver in the dmz with vulnerability protection ?

Resolved! Block FTP Brute Force Attemps - Threat ID 40001

Resolved! AD Groups Not Showing Up

Resolved! PAN radius dictionary for free-radius

Resolved! Multiple Block Pages?

Resolved! Best practice for committing changes in active-passive HA?

Resolved! Adding user accounts to Local DB via a Captive Portal web form