General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 481 Views
  • 0 replies
  • 2 Likes

How to configure a Cisco ASA behind PA2050 with public IP

Greetings,

I'm trying to figure out how to configure our PA2050 to point one of our public IPs in a /25 block to a Cisco ASA 5510 behind it. We're using both the PA's SSL VPN and the ASA's SSL VPN so I'd like to plug the ASA into port 2 on the PA2050

...

mhoush by Not applicable
  • 4202 Views
  • 5 replies
  • 0 Likes

App Scope Times Wrong

I upgraded our PAN-500 to 4.01 today and now all of the times in the App Scope Monitors (Network, Threat, etc) are off by 4 hours.  The Log times are all correct.

For instance, it is now 18:22 according to the Device page on the PAN (which is correct)

...

Per host QoS

Hi there.

I've played with different QoS setups. And currently I'm trying to set up a per host based QoS or BW shaping.

My QoS profile is as following:

Class 3, Min BW: 2Mb/s MaxBW:3Mb/s

Class 4, Min BW: 1Mb/s MaxBW:2Mb/s

QoS policy is:

#1 SrcZone: Inside,

...

atea_svg by Not applicable
  • 3943 Views
  • 4 replies
  • 0 Likes

Auto-enable youtube safety mode?

We are looking at opening up YouTube to our general user base, but do not want to push out a policy that would enable safety mode. I'd like to have a URL filtering continue and override page where the user could click on the continue button, which wo

...

issues accessing urls even though whitelisted

Hi,

I am having problems troubleshoot access to http://www.stockbrokers.barclays.co.uk/ when i try to login,(https://www.stockbrokers.barclays.co.uk/idv/Login1.asp?category=&usecase=login&popup=&)

I have allowed *.barclays.* on the url filtering profil

...

Resolved! some CLI command

One requirment is :  infos need come from CLI ( not GUI) , PLs advise :

1. We can view all admin-accout infos (name,role etc.) in GUI Device->Administrators , what's CLI cmd could show these list ?

2. Web console or CLI console login  timeout value --h

...

JeffJin by L2 Linker
  • 2576 Views
  • 3 replies
  • 0 Likes

dns-proxy static entry lost

I've got a PA-5050 running version 4.0.6.

I'm using the dns-proxy to resolve a single address from my wireless guest network access.  It works fine for days, then sometimes just stops working.

Under Network >> DNS Proxy the entry is listed and enabled,

...

turnerr4 by L0 Member
  • 1641 Views
  • 1 replies
  • 0 Likes

H.225 Content Inspection

I am having a problem with VOIP communications passing through my PA-4020's. The PA is recognising the H.225 application, however it would appear that the content inspection is not translating the IP addresses within the application payload,  I do h

...

debsPal0 by Not applicable
  • 2774 Views
  • 1 replies
  • 1 Likes

Edinburgh - pbf + zone lookup snafus

Hi,

I'm seeing the following.

Consider:

- two existing Internet lines, put in zones "I-1" and "I-2"

- there are two L3 interfaces, one in I-1 with address PA-1, one in I-2 with address PA-2

- the default route goes to a router reachable in I-2

- there's a

...

Commit failed due to Application update

After an auto update of application we can't do a commit with out explanation on the commit page.

We discover that when we do a revert of application the commit is ok so we put off the auto update but we want it back.

How could we solve this problem ?

...

support by L1 Bithead
  • 3432 Views
  • 4 replies
  • 0 Likes

SNMP V3 Configuration

I notice that there is no example or detail descriptions for configuration of SNMPv3.  Here is my configuration which works but I never got the include/exclude mask to work.  If someone else have an example or recommendations please upload.

set device

...

blacksan by L1 Bithead
  • 5269 Views
  • 1 replies
  • 0 Likes

CPU

I would like to know that If I observe from Throughput and Session is not exceed the maximum number that box can support. What cause that may make CPU performance overload? Please kindly share idea.

Note. My box is PA2050. Thoughput is around 400Mbps

...

New PA Purchase - Rules question and any tips?

Recently purchased a PA2020 to replace our Cisco PIX 525.  I'm in the process of auditing our cisco config and recreating it in the PA.

I'm looking for suggestions on how to allow applications inside to outside and outside to inside.

I only have two zo

...

SSL VPN users unable to access the internet though Palo

Hi

     I have setup SSL VPN and its been in use for a few weeks without any issue with the exception of one minor annoyance.

I have been unable to get the SSL VPN users to be able to see the internet when connected.

1) The access route is set to 0.0.0

...

  • 23709 Posts
  • 110 Subscriptions
Top Liked Authors
Labels