This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Traffic shaping and QOS clarification

HelloI try to do some traffic shapping for a server to control the traffic used by this server over internet, generally this was easy done over our old netscreen/juniper FWswhen i tried to figure it out over our PA 2020, i passed throught a not that the shaping is done only over egress port of the FW.and there are a document here that explain so...

daba1974 by Not applicable
  • 5600 Views
  • 2 replies
  • 0 Likes

URL filtering block page

I would like to customize our block page to show the ip address of the user.How do we add this on the html code of the blockpage?I have the entry <p><b>IP:</b> <user/> </p> in my block page, but it shows the username instead of ip address.Any thoughts?Thanks.

Resolved! Block FTP Brute Force Attemps - Threat ID 40001

Hello,I want to block Block FTP Brute Force Attemps.The default rule in the PA alert only in theThreat log.I added a new Vulnerabolity Protection Rule:Action: BlockHost type: Any (also tried Server)Category: brute-forceSeverity: AnyCVE: AnyVendor ID: AnyI placed the rule above al the default rules (see attachment).If I simulate a ftp brute force...

Resolved! AD Groups Not Showing Up

I'm using User-ID and Active Directory groups to identify traffic from specific people. The User-ID part seems to be working because Source User shows up in the logs and I can configure firewall rules using individual user-IDs. However, I'm having issues with the AD groups. The Palo Alto is able to pull existing groups from Active Directory a...

PSC_IT by L1 Bithead
  • 11063 Views
  • 4 replies
  • 0 Likes

Resolved! Multiple Block Pages?

Hello,Is it possible to create/select/use a custom response/block pages for specific URL categories? For example: can I have one specific custom response page for "unknown" categories, and another block page for "malware" categories?Thanks,-Paul

apc050 by Not applicable
  • 7646 Views
  • 3 replies
  • 0 Likes

Resolved! Best practice for committing changes in active-passive HA?

When making policy changes in an active-passive HA pair, do you usually edit and commit the policy using the active device, or the passive? I have always made my changes on the active device, but lately I've been thinking that because the management CPU usage on the passive device is much lower, it might be faster running the commit there. I c...

IPS \ Application Signature

Hi allI need to write ips / application signature to recognize sender and recipient in SMTPfor example:If smtp sender A send mail to recipent B - Allow.If smtp sender A send mail to recipent C - BlockI will be happy if anyone know how to do it.Alon

along by Not applicable
  • 2499 Views
  • 2 replies
  • 0 Likes

GP VPN dual factor auth, and contractor access.

I have two questions regarding the Global Protect Gateway / Portal (SAN the GP Licensing)- I am wanting to setup two factor authentication for users to authenticate to Global Protect Gateway/Portal with a (common) client certificate installed on their machine that our IT department installs. I currently have just AD authentication integrated but...

cmateam by L3 Networker
  • 4228 Views
  • 1 replies
  • 0 Likes

Chrome Updater not working if EXE is blocked / application not recognized

Hi,in one customer setup we face the following problem: We disabled EXE file downloading. In order do allow services to update we use an application filter with subcategory update and allow that traffic. Works like a charm for google-update, ms-update etc. However today I noticed tons of blocks from xxxxxx_Chrome_updater.exe (xxxxx being date, v...

Resolved! Commit issue - Error updating NAT IP pools

After updating Policy and Nat Rules, I got the follow commit errors:- Error: Error: Error updating NAT IP pools- Error: response from cfgpush.s1.dp1.comm.cfg-dp: Error updating NAT IP poolsThis error still occurs if i disable (or even delete) the newly added rules. Since i did a commit ~10min before, i am sure, i didn't changed anything else.So,...

User_333 by L2 Linker
  • 2732 Views
  • 1 replies
  • 0 Likes

Resolved! Globalprotect iexplorer 9 Proxy

Hi All,i've a globalprotect vpn to connect to office, when i'm at customer site. I use a macbook pro and vpn works well, on the other pc, a Dell with windows 7, the vpn works fine if i connect in thetering from my mobile phone, but if i try to connect over customer proxy i see up and down continuosly and the vpn doesn't work. i've also checked t...

fcellini by Not applicable
  • 2777 Views
  • 1 replies
  • 0 Likes

GlobalProtect behind proxy

GlobalProtect is using SSL and IPSec. Is GlobalProtect proxy aware? Ie. if GlobalProtect client is located on a network that dictates the use of a http/https proxy to get internet access?BR,Nicolai

snaft by Not applicable
  • 4720 Views
  • 4 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks