This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4425 Views
  • 0 replies
  • 0 Likes

Best way of restricting web access?

Hi there,Have a "interesting" problem. Scope* Clients are not to be allowed access to the internet. Restrict and control with firewall.Scope creep*Clients need access to Google to do a search, click on any links in that search. They will search for people/locationHow can I best isolate and protect these clients web access? I've been trying to fi...

Ante by Not applicable
  • 3460 Views
  • 4 replies
  • 0 Likes

Resolved! User-ID agent v.4.1.4.3

A question about using palo alto with the user-id agent v.4.1.4.3I get complain from the administrators of Window env. They see that the user-id agent doing many logs on all PC. They are store in the Events>Security logs on each PC.Since the installation of the agent, all PC logs many stuff in the computer event> security tab. All of t...

Configuring QoS settings multiple egress interfaces

We currently have our PA-5050 configured with two vWire ingress and two vWire egress interfaces (one trust and one untrust zone mapped to vWire-1 and one trust and one untrust zone mapped to vWire-2). In this configuration is it possible to configure QoS? I see that when configuring QoS on the interface you only have the option to select a singl...

wfleitz by L0 Member
  • 3561 Views
  • 3 replies
  • 0 Likes

Resolved! NAT and GRE

Hello.I have to do NAT for GRE protocol and as i've read here in knowledgebase that can only be done with static NAT without specifiying ports. However the customer also has other services on same public IP address, like SMTP and DNS.Would this work?Rule1 - Public_address -> ports 53TCP/UDP -> NAT -> private_server1Rule2 - Public_addre...

santonic by L6 Presenter
  • 4045 Views
  • 4 replies
  • 0 Likes

Resolved! Detecting Flame exploit

It looks like the Snort folks have a signature for Flame, does PAN? If not, when is it coming? The CTOs will be asking if we are safe...http://vrt-blog.snort.org/2012/05/flame-malware-targeted-attacks-and-you.html

Dropbox Signature Change?

Hello,We have for some time now blocked the use of Dropbox (as an app) and only allow a few users access, based on a domain group. Over last couple of weeks have noticed activity where non allowed users are able to access the application. In my initial investigation, it appears the sessions are not falling into the "dropbox" application object ...

MGoodnow by L4 Transporter
  • 5426 Views
  • 5 replies
  • 0 Likes

Subnet entry in Custom URL Category

If I were to enter multiple subnets (ex: 218.65.30.0/24) as entries in a Custom URL Category, will those entries been seen as the entire subnet or will they be seen as a URL (http://218.65.30.0/24)? I ask this because I'm looking at creating an outbound block/deny policy based off custom URL categories and I want to make sure I am actually bloc...

sconley by Not applicable
  • 3146 Views
  • 1 replies
  • 0 Likes

Resolved! Graph Realtime bandwidth consumed by each application

Hello,Is it possible to have a graph with the Realtime bandwidth consumed by each application in VWIRE mode ?I saw these: http://www.paloaltonetworks.com/products/QoS.htmlbut for applications, there is only a chart...Maybe is there a way to make it with the splunk tools?Regards,

Inbound NAT - Please advise

Hi,Consider the following:All traffic (0.0.0.0/0) is NAT'd as 1.1.1.1 (public)The exchange server has an inbound NAT of 1.1.1.2 (public) > 192.168.1.1 (private).Now when the exchange server makes a connection to the outside world will it be seen as 1.1.1.1 or 1.1.1.2?If it is 1.1.1.1, then I must make a reverse NAT rule for all my inbound VIP...

Resolved! Maximum Rows In Policy Editor

I am currently working within Panorama and for one device group there are over 533 rules and editing them is terribly slow. I found this document and one of the fixes mentioned was limiting the row count in the policy editor to only 100. I would love to do that but I can't seem to find where in the interface I specify this.Any help would be v...

External IPs with two ISPs

Dear all,We have a special setup on our external firewall interfaces. There are two different Internet lines from two different ISPs:The yellow line (ISP b) indiaces the main Internet line. The green one is currently only used for outgoing e-mails using the "main" IP address 212.x.x.6. Now we would like to activate an additional IP range assigne...

oschuler by L4 Transporter
  • 3122 Views
  • 2 replies
  • 0 Likes

Resolved! expanding, an expanded panorama storage

Hi,I will do follow the procedure "Expending Panorama Storage Using a Virtual Disk", admin 4.1 doc, page 270, to have a 500GB disk for log. But a question popup!! (again)Here my question : can we expend, a second time, a expanded panorama storage? And if we do this, we will still have the logs? And how?just to be more clear :- let say toda...

export all logs from PA to Panorama

Hi,I have config PA-2050 to send logs to panorama, using this doc:https://live.paloaltonetworks.com/docs/DOC-1267àBut i have old logs in PA that stay there. Just the new logs are send to panorama.There is a way to export all logs to panorama? i need to keep those log in the panorama engin for investigation purpose.thanks!

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks