This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

SIP/RTP + NAT - One way audio

Hi all,We are facing difficulties with a plain-in-to out and out-to-in NAT which is configured as described below:- Private to public - Public to private for ports 5060 an 9000-9049 UDP with the PBX address as destination.For some reason SIP signaling works fine, but the incoming RTP stream doesn't come through. The firewall was tested even with...

bsanders by L2 Linker
  • 19283 Views
  • 13 replies
  • 0 Likes

Can't Get AD groups to be used as user authentication

We are running 2 2050 firewalls running 4.16 software and 2 user agents running 4.1.0-43 code. When i try to limit a policy by an AD user name it works fine. However if I want to user a AD group name it wont hit the rule if i put in the user as a group. What am i doing wrong.SoMYAD\mcarlton will work for a user on a policy butMYAD\cooladmin...

mcarlton by L0 Member
  • 3783 Views
  • 2 replies
  • 0 Likes

Resolved! SFP vs SFP+

Anyone know if a 1Gb SFP module will work in a SFP+ slot on a 5050 / 5060? If so, any caveats?

dmcgee by L0 Member
  • 4501 Views
  • 2 replies
  • 0 Likes

Capture Gmail Username

Hi,I am about to finish an evaluation with a customer.He just shared with me a specfic requirement which would make him choose Palo Alto over competitors :Gmail must be allowed, but it must be possible to capture the username used to login to gmail.I have set up Outbound SSL Decryption, however i am struggling with Data Patterns :Normal regex wo...

Resolved! Captive Portal logon - Is it possible to disallow a user logging on from multiple devices?

Hello all,We are in the process of setting up a Captive Portal. All works fine. When a user is member of a defined AD security group, she can log on to the captive portal on a device (Mac, PC, iPhone, Android, etc), which opens the way to be able to browse the internet from that device.The user can log on to various machines at the same time, wi...

bsanders by L2 Linker
  • 4352 Views
  • 3 replies
  • 0 Likes

Monitoring throughput

Hi @all,in the cli I have an option to monitor the throughput via "show system statistics". Is there a way to monitor the firewallthroughput from external devices via snmp?Robert

how can i block site by category and user group

Hi there,I have some questions regarding on how to block URL category and by user group.the box is PA-2020 and when I block the social-networking with the source user is by group it wont work.When i look on the CLI the user group is <XXXX>.org but on the gui of the paloalto under user it only appears different group YYYY.orgbox configurati...

aldwine by Not applicable
  • 1971 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Client connecting issue with Mountain Lion

We have updated some Macbooks to Mountain Lion and the connecting process take's about 10 Minutes now. Is there a workaround or will there be a fixed client when PAN-OS 4.1.7 will be released?We have a PA-500 HA Cluster using PAN-OS 4.1.6 and GlobalProtect client 1.1.5-5.

dkngroup by L0 Member
  • 4873 Views
  • 4 replies
  • 0 Likes

Resolved! UserID Agent - Required User Rights

HiI'm in the process of implementing the UserID Agent into a Windows 2008 DomainMy goal is to have a single user in the AD for all features required by PaloAlto.So I created a "panagent" user and added it to the "EventLog Readers" group, so it has access to the event logsI the configured the Agent to use this user in it's service settings to sta...

u13550 by L3 Networker
  • 8230 Views
  • 2 replies
  • 1 Likes

GlobalProtect without license on 4.1.1

I have a problem with global protect without license i have configured it as in tech notes says, but when i commit i get the following message.•Warning: No valid GlobalProtect portal license!(Module: useridd)When i launch Global Protect Client it not connets.In GlobalProtect Client I get the following Logs.(T4988) 01/13/12 15:36:45:998 Error(808...

LDAP group based rules versus Policy based URL filters

I am coming from an M86 (8E6) R3000 and Surfcontrol install to the Palo Alto URL filtering. I have multiple AD groups in my AD that are specific to URL filtering on the M86 R3000.I am re-using those groups on the Palo Alto to recreate my functionality... One group is "Blocked Internet Users." I have LDAP bound to my PA through my GC servers...

EdwinD by L3 Networker
  • 3755 Views
  • 2 replies
  • 0 Likes

Outlook Anywhere

we recently moved to Palo Alto for our firwall needs. Is it possible to get Microsoft's Outlook Aynwhere to work with the Palo Alto firewall?Thanks

Resolved! Threat Protection

I hope you may be able to answer a couple of quick questions for me as i am planning on switching Threat Protection on in the next few weeks.1. When we turn on Threat Protection i remember you saying that the throughput for the dataplane is cut in half, Is there any way of monitoring the throughput of the dataplane?2. When Threat protection ...

BBHLTD by Not applicable
  • 2492 Views
  • 1 replies
  • 0 Likes

Resolved! Brute Force Attemps - How many attempts exactly?

If you look in the Threat Vault you can see there are many different brute force sigs listed (ssh, rdp, postgres, smb, etc..).My issue is the descriptions dont mention how many attempts it takes to trigger this alert? is it 5 or 50 or 5000? 5 im not really worried, 50 attempts and I'm definately going to do some digging. Am I correct that this i...

choff123 by L3 Networker
  • 3621 Views
  • 2 replies
  • 0 Likes

Resolved! Strange Sharepoint upload problem.

Hi,I have a bit of a strange one hence the strange question.I have a user who wants to upload files to a company's sharepoint website. Now as my rules stand currently they are not allowed to upload or use certain web applications.I tried making a custom rule just for testing purposes on a machine with the same ip range as the user in question an...

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks