General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 470 Views
  • 0 replies
  • 0 Likes

Global protect excluded networks

Hi all,

there is a method on global protect to send all my traffic into the tunnel, but exclude the subnet range of the customer to remain connected with the office network and browse the web protected from office infrastructure, but with the possibil

...

fcellini by Not applicable
  • 2689 Views
  • 3 replies
  • 0 Likes

IPSec VPN (non site to site)

Is there any document that shows how to configure IPSec VPN (or any vpn rather than SSL) on the PAN?  I am not looking for site to site.  I only found site to site configuration.  The solution will be for clients who can vpn in remotely from everywhe

...

Source Address/Source User

When both a source address and a source user are specified, is the rule match

  1. source address AND source user?
  2. source address OR source user?

My guess is #1, but I can't find documentation to back that up.

Thanks,

Bart

user group mapping

Using PanOS 4.1.2 on 5020

listing group mapping:

show user group name "<DOMAIN>\<GROUP NAME>"

we get something like this

[1     ] <DOMAIN>\<name>.<surname>

....

though in "user id identification->group mapping settings" under "user objects"

we discretely ch

...

mpaskevic by Not applicable
  • 4136 Views
  • 1 replies
  • 0 Likes

Intercept DNS requests

Hi all,

I've read in an article that it's possible to intercept DNS requests with DNS proxy without setting PA IP address as the computer DNS Server.

Following this article, I've enabled DNS proxy in a PA interface (inside), redirecting DNS request to

...

SYSTEM ALERT : high : SSL connect error

Have any body got such error message as below:

domain: 1
receive_time: 2012/02/13  19:10:00
serial: 0002C123456
seqno: 0
actionflags: 0x0
type:  SYSTEM
subtype: general
config_ver: 0
time_generated: 2012/02/13  19:10:00
vsys:
eventid: general
object:
fmt: 0
id:

...

Apostrophe in user name breaks query builder

Hi all,

I have a username in my organisation that is domain\john.o'neill and I'm finding that when I try to do a query such as (user.src eq 'domain\john.doe') it's fine, but when I put in (user.src eq 'domain\john.o'neill'). I appreciate that this is

...

UKRB by L3 Networker
  • 2154 Views
  • 1 replies
  • 0 Likes

PAN 500 - 4.1.2 - Bypass Mgmt Interface

Hi,

I am pretty new to PAN Firewalls, and my question is really basic.

I would like to use only two interfaces on my Firewall : ethernet1/7 as my Lan and ethernet1/8 as my Internet Acess.

I would like to avoid using Mgmt Interface port.

I have found a th

...

  • 24084 Posts
  • 116 Subscriptions
Labels