This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 254 Views
  • 0 replies
  • 1 Likes

Show unused rules option

The show unused rules is very helpful but as I work at cleaning up rules after migration it would be really handy if I could clear that flag to see if the new rulesets created are handling all of the traffic before disabling the old rulesets. Is ther

...

PA-500 WAN connect directly to ISP

Hello,

We are using an PA-500. We would like to connect the WAN port directly to our ISP.

Normally the ISP requires a Cisco router with the following requirements.

Connectivity requirements:

Ethernet / IEEE 802.3-2005

WAN side 1000Base-T full duplex

100mb

...

check to check "deny" packages

Hi

I have some rules that will allow IPSEC between two Windows Domain Controllers, but it only works when I allow "any" underapplication - unless I ping from both ends.

So how can I see what port I am missing in my custom application group?

Thanks

FlexyZ by L3 Networker
  • 1495 Views
  • 1 replies
  • 0 Likes

User-id is it possible to check computers?

Hello,

One of our clients want to know if it is possible to build policies based on computer membership to AD groups.

In this situation we want to differentiate between computers that belongs to AD and which do not in purpose of VPN connections, so tha

...

Terminal Services User-ID Agent Flaw

A new customer during deployment was wanting to test how well the TS User ID agent was working at identifying users. We logged on as User A and started a specific ping. We search the log file, and there was the ping. We had it running continuous for

...

dpayne by L1 Bithead
  • 3177 Views
  • 4 replies
  • 0 Likes

Anti-spoofing Question

I'm trying to compare checkpoint interface topology configuration to panos. Is there a setting in panos where you can define what networks are behind an interface?

probin02 by Not applicable
  • 5700 Views
  • 5 replies
  • 0 Likes

Blocking by AppID don't work as expected

Hi

To block a webpage like Facebook, I have the follow two possibilities.

1) Block it by the Url Filter

2) Block it by the AppID

Since the URL Filter just looks at the URL and no other content. Access to Facebook will only be blocked if I try to access i

...

User_333 by L2 Linker
  • 2223 Views
  • 2 replies
  • 0 Likes

Resolved! Custom URL wildcard

Hi all,

I have a question relating to wildcards in a Custom URL Category on PA-500 - 4.1.0

I have the following entry in my custom URL category

     *.centos.org

and I'm finding that I'm getting a match with the following URL (and many others)

     mirror

...

DavePalo by L4 Transporter
  • 5428 Views
  • 9 replies
  • 1 Likes

Trouble after upgrading to 4.1

I was currently running 4.0.5 on panorama and HA active passive 2050 cluster.

The upgrade ran rather smoothly.

has something changed for service declaration in 4.1?

I define my addresses and custom services on the panorama which I sync to the HA cluster

...

Virtual balancing and PBF

Hi all,

My client need to do Load Balancing in his wan interfaces, I did the next config, in PBF I put four policies, one for the two Internet segments asigned to the first and more faster output (TRUST to (1.0.0.1-126.255.255.254) & (128.0.0.1-192.25

...

p_marquez by Not applicable
  • 1821 Views
  • 1 replies
  • 0 Likes

Resolved! URL Content filtering Question - Netflix

Ok, don't shoot the messenger but I was asked to see if I could unblock the queue management area for Netflix but still block the streaming media part of it...  We're using the URL filtering capabilities of the PA 2050 device and I have a policy defi

...

Emailing of CSV reports?

Currently my reports can only output in the default behavior offered - PDF's are sent automatically - however, some groups within the company that specifically manage risk want to add automation to the mitigation process - and doing that would be muc

...

jsilvia by Not applicable
  • 3398 Views
  • 1 replies
  • 0 Likes
  • 23627 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks