General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 329 Views
  • 0 replies
  • 2 Likes

Creating Zones (Sub-Zones) on PA-500

Hello,

This question might sound very stupid, but never mind: 

I have a PA-500 configured which does a specific job which does layer 3 and that requires creating a lot of zones in-order to differentiate the traffic ( as per my understanding, zones are

...

SSL Over-Ride Page

Hi,

Anyone had any luck with getting the SSL URL Over-ride page to display without a certificate error?

If I have 'transparent' mode enabled for this function I get a certificate error (it appears to replace my URL with the IP address, port 6083, which

...

apackard by L4 Transporter
  • 1630 Views
  • 1 replies
  • 0 Likes

Virtual Routers as High Availability

We have a less critical PA firewall system connected to an HSRP pair on the internal interface and an HSRP pair on the external interface.

What is the best way to configure these systems to ensure the most availability of the routes so traffic can con

...

blogspot.com application

Hello,

I'd like to differenciate blogspot.com websites that contain adult content from others blogspot.com sites.

I noticed  that blogspot.com adult content sites redirect the requested url to a page for content acceptance.

Is possible to block this beh

...

is it possible to make an aggregation of HA3 interface?

Hi there.

I have a question relevant to Active-Active HA.

This is example for a question.

I must configure Active-Active HA With PA-5050 of 2.

And external interface must aggregate with two or more interfaces to support 2G traffic. (Customer average tra

...

willstech by L3 Networker
  • 1796 Views
  • 1 replies
  • 0 Likes

Close Global Protect

This might be something silly I am overlooking, but of the 3 computers I have Global Protect installed none of them can close Global Proect when done with it. Even going in and trying to end the process just makes it open a new instance. Has anyone e

...

Linwood by Not applicable
  • 8056 Views
  • 12 replies
  • 0 Likes

Url Filtering Virtual Wire

We are waiting on some changes with our carrier and are using PA2050 set up as a virtual wire. I am trying to enable url filtering and when I enable the rule, it blocks all HTTP traffic.

When i set policy to deny, it denies all traffic. Thoughts?

BGP RIB-out prefix

I've setup bgp with this guide(for active/passive configuration):

https://live.paloaltonetworks.com/docs/DOC-1572

I needed to prioritize one ISP so I changed configuration with this guide:

https://live.paloaltonetworks.com/docs/DOC-1573

and

https://live.p

...

mribic by L0 Member
  • 4391 Views
  • 3 replies
  • 0 Likes

Block skype partially work

Hello,

I have panos 3.1.10 and I have rule to block skype and skype-probe application.

I'm using skype client 5.6.59.110 and the behavior is the following:

- skype client authenticate and goes  online

- contact became green (online status)

- Calls doesn't

...

Resolved! GlobalProtect Configuration Vanishing

Hi All,

I have been struck with some bizzare issues for my customer which is leading me no-where.  The issues are as follows:

-  The customer was using SSL-VPN NetConnect when on version 4.0.5.

-  There were issues regarding ARP Cache limits as the PA-5

...

Read-only Instant Messaging possible???

Hello guys,

I was just wondering if it was possible to have instant messaging as Read-Only mode.  For example, gtalk, can receive incoming messages, but the user cannot respond back to them.  Is there any way to configure or achieve this?

Cheers....

Applications and their dependencies

I am trying to figure out this APP ID and the dependencies

In order for symantec updates app to work, the FTP app must be allowed.  I discovered that to get to the doc's on palo alto network you need the app clearspace which is dependent on http-proxy

...

snormoyle by Not applicable
  • 3696 Views
  • 5 replies
  • 0 Likes

VTC NAT problem

I'm having a problem getting a standalone VTC box working.  We're replacing Cisco ASAs with PA-500s at our sites, so there are existing rules that should be working when translated to Palo Alto.  I'm fairly confident I have the requirements down:

tcp/

...

nwallette by Not applicable
  • 4396 Views
  • 6 replies
  • 0 Likes
  • 23670 Posts
  • 108 Subscriptions
Top Liked Authors
Labels