General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! User-ID Agent Losing Users

We've been running into an issue with our User-ID Agent where it seems to not have enough discovered users but its also losing them randomly as well. Running User ID Agent version 4.1.4-3, we have it pointed at 5 DCs and it is picking up around 1500

...

How to block transferring particular file extensions in Google Talk,.?

Hi All,.

Is it possible to block transferring files with particular file extensions ( eg,..pdf,dwg,dll) through Google Talk? I tried to do this but not succeeded. But in the file blocking profile the application "gtalk-file-trasfer" is there.

When i am

...

KeyWord Search

Hello

On our old firewall which was fortinet we could block keyword search in the web in google etc.

is there anyway to do this on Palo Alto?

Thanks

Darren

Data Filtering keywords

hello can you use data filtering as a block if a user types those words in google search? eg someone types football hits search but block due to the data filter? is this possible? mark

Resolved! How to block people who are trying to exploid vulnabillities for a period of time

Hello everyone,

Our PA's are using the thread prevention system which drops traffic that is trying to exploid vulnabillities, do DoS attacks etc.

All works very nice - but it's only affecting the attempt on an individual basis.

F. ex. - someone performs

...

Resolved! cannot put a interface to work

hello everybody,

I configured an interface, ethernet/5, with ip 192.168.230.1/29 and connected to a device with ip 192.168.230.3/29

Theres no way i can see each other, cannot ping PaloAlto from the other device and vice versa

Ive already changed cables,

...

Resolved! Interface or gateway monitoring

I'm looking for an option which will disable an interface if a remote gateway is not available.

This option exist for ipsec vpn (tunnel monitor) but I didn't find it for an L3 interface.

For exemple, I want to use an interface for outgoing traffic and

...

drop-reset application list

Hello,

I found this explanation about TCP REJECT today :

"The deny action used in a security policy will either ‘drop’ or ‘drop-reset’ based on the app being used in the policy.

For most browser-based apps, it is drop-reset - this prevents the browser f

...

delete URL logs older then 7 days

Hello,

we have the legale requirement to delete access logs (URL Filter is set to "alert") which are older then 7 days.

Is that possible somehow?

We cant accept an answer like "please export your log, delete old stuff and import it again". The logfiles

...

Resolved! Zone Protection - Reject Non-SYN TCP

Hi everyone!

I've configured a zone protection profile with SYN Flood protection and SYN Cookies enabled. In the same profile I've set the option "Reject Non-SYN TCP" to "no". I've applied this profile to my untrust zone and run a commit.

When I run th

...

how to allow the access face book , but block the other social networking sites

Hi,

I am testing paloalto firewall and have a basic question.

How to enable access
to face book to some users , but block the other social networking sites.

I setup a default policy to all users and my default URL policy
is to blocked social networking.

...

Resolved! Security Policy with URLs

Is it possible to create a Security Policy with the Destination address as a URL? I would prefer to use the URL to avoid using the IP in case the destination service changes it.

Thanks,

Dennis

PANAgent show user ip-user-mapping has 0 users

PANAgent seems to be running fine...

show user pan-agent statistics

reports "*connected, ok"

show user pan-agent user IDs

show all users and groups as expected

but show user ip-user-mapping

reports 0 users.

PAN-OS 3.1.8, and I have another firewall (same ve

...

Password Policy

Hello,

does somebody know how to setup Password Policy for management users in PAN OS 4? I am talking about minimum password length, special characters etc.

Deny search terms

Hello Is it possible to deny search terms if a user searches a term in google eg a student types the word in boobs then clicks images

Discussions