This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4225 Views
  • 0 replies
  • 0 Likes

Resolved! Questions on Palo Alto safe practices

Hi i have a few outstanding questions on Palo Alto devices. We just migrated from Juniper to PA line. So these might sound silly for people who already are on PA line.Do we have any primary and back up images on PA firewall . Just like in JUNOS if one image is corrupt it tries to load from the back up image file.How many rollbacks does the PA de...

srikanth by Not applicable
  • 11932 Views
  • 20 replies
  • 0 Likes

Resolved! Static Routes AND BGP on Same Vritual Router?

Could not find explicit answer in manual but Im pretty sure this is possible.Can I use Statiuc Routes AND BGP protocol on the same Virtual Router?Also, if Im able to do this is it a smart idea or am I asking for trouble?Thanks!--CH

choff123 by L3 Networker
  • 2629 Views
  • 2 replies
  • 0 Likes

Resolved! Need to learn of reports

Hi,I am new to Palo Alto. I was wondering if there is any information that can show me if there is a way to write a search without using the threat Id's on the website.for example if I would like to search for all forms of Zeus how can this be done without haing to put in all 15000 threat Id'sthank you

Resolved! DMZ and Destination NAT using same subnet

We have migrated from a TMG (ISA) and Cisco Firewall deployment to a PAN firewall with the TMG being used to do proxy and URL redirection. We have a /25 IP range from our ISP that is used for public addresses. We currently have the environment configured so that the PAN does Destination NATs to our internal web non-sharepoint sites. The TMG is u...

craymond by L4 Transporter
  • 7009 Views
  • 5 replies
  • 0 Likes

Resolved! Want to create a security policy based on domain user group.

Hi, I would like to set up a security policy based on a group a user belongs to on my AD. I've set up the LDAP, and USER ID client on the server, but when I go to create the security rule, nothing shows up in the add box for the user. Even if I click the drop down, or start to type the domain/username info. I'm thinking I missed a step, or somet...

Multicast IP-tv streaming thru PA ?

I am struggeling to find information about multicast and PA.I would like to get may multicast running on my lan forwarded to my external site. Currently I have a IPsec tunell running between but the multicast do not need the IPSEC security. I have a WAN connection with pure L2 from my WANprovider. Is it possible to use VWire , policybased forwar...

stig by L1 Bithead
  • 3843 Views
  • 2 replies
  • 0 Likes

Baseline of Firewall Throughput (Performance)

Hi,I need to be able to create a baseline of firewall throughput. I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports. I would like to have this data so that I know as new projects come up, the firewall can handle the addi...

Milamber by L1 Bithead
  • 11159 Views
  • 8 replies
  • 1 Likes

Resolved! NTLM URL in PANOS 4.1

We have just recently upgraded our firewalls from 3.1 to 4.1Does anybody know what the ntlm URL is in 4.1?Old link: http://firewall:6080/esp/ntlm.espNew link: ???Each time an admin user logs on remotely to someone’s machine or enters their admin credentials inside their current windows session, the firewall will continue to use those admin crede...

adevine by L1 Bithead
  • 2639 Views
  • 1 replies
  • 0 Likes

SSL Decryption in PAN 4.1 fails - Firefox warns "ssl_error_rx_unexpected_new_session_ticket"

Since upgrading to Palo Alto Networks 4.1 we often have warnings in several firefox and thunderbird clients. Then we get the error mesage "ssl_error_rx_unexpected_new_session_ticket". This example is from thunderbird:Additionally the behaviour of the firewall to let some SSL communication undecrypted - for instance: on the first click https://ww...

mhuels by L3 Networker
  • 5847 Views
  • 6 replies
  • 0 Likes

Global Protect client can't be disabled

HiI've just rolled out the Global Protect client (version 1.1.6) to some contractors that need remote access to our network. I've got it setup as follows:Portal config - Client ConfigurationOptions:- On DemandAgent: Enable advanced view - true User can save password - true Passcode - blank Confirm - ...

TDC by L1 Bithead
  • 5749 Views
  • 5 replies
  • 0 Likes

Administrator Accounts

When I create new administrator accounts the accounts cannot login. The palo alto system logs shows invalid username/password, but the name and password are being typed correctly. anybody have any ideas why.

snormoyle by Not applicable
  • 3356 Views
  • 3 replies
  • 0 Likes

Pan vs proxy???

Hi all!I am newer and I meet some problems with PA 2050I want use PA 2050 to monitor traffic in my network.I setup PAN in Mode Layer 1 ( virtual wire)I setup Polices is aler ( not block - i sure it)I have a proxy, client can access internet through Proxy or not, all ok!But after i put PAN, client can't not access internet through Proxy,but if cl...

dat.tran by L2 Linker
  • 2506 Views
  • 2 replies
  • 0 Likes

Global Protect ios,iphone

Hi,I want to use my iphone and ipad devices automaticly to connect throught Global Protect to internal network and they will use as internet their own connection.Just for internal access they will use Global Protect.The real question is : when we configure this for the phones, Do we have a option that iphone user will always be connected to Glo...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks