This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! Rogue/Fake Antivirus Malware detection?

I was wondering if there is any way to detect the Rogue/Fake Antivirus Malware that is making its way around the internet?A couple in paticular are Internet Security 2010, Antivirus Live and Advanced Virus Remover.Thanks,D

PA 500, Hairpin routing and front ending certs

I am trying to implement a Exchange 2010 setup and the consultant is asking if the PA can handle HairPin routng and if it can front end the certs for the Exchange systems. I haven't a clue and google results were less than clear, so am turning to the forums and hopeing someone else does. Anyone?

u7483 by Not applicable
  • 2919 Views
  • 1 replies
  • 0 Likes

create an application to replace a service

I'm converting a Check Point firewall to PAN. they have multiple rules where ping and other user-defined services are participating. Can I create an app with the port of those services so I can have all in one rule? Do you see any problem wit that?

How to add already configured FW to Panorama

I must be missing a step because I am able to add a FW that has no policies or virtual systems to Panorama, but when I try to add a FW that is already configured with rules and multiple virtual systems, Panorama just says "shared policy status" "Out of Sync" and will not say it is connected. Is there a trick to get Panorama to allow me to add a...

Help required to convert Cisco ASA NAT rule onto Palo Alto

Hi Guys,I am not expert in reading or understanding the Cisco ASA NAT rules and I have just started to feel comfortable with Palo Alto except for NAT rules. Can someone please guide me through on how to go around configuring the following Cisco ASA NAT rule onto the Palo Alto?I have just taken a couple of rules to convert. Based on this, I wou...

Resolved! user-id 4.1.3-2, pan os 4.1.3, no user mappings

hello and hope someone can help,i am brand new to PAN(not to FWs or networking) and I've been trying to get this to work for a week now with no results?i have attached some pics of the user id agent gui and logs.i have read and followed the instructions found in the following docs:" user-id agent initial installation and setup version 4.1","us...

jj by Not applicable
  • 16604 Views
  • 8 replies
  • 1 Likes

how to configure PAN to work as proxy

Hi ThereWe have this problem after implementing PA-2020, we are facing the slow ness of our internal web site, before we were using ISA 2006 proxy where we can add exception in the Policy Management put now we could not implement proxy in pan and we remove the ISA according to PAN recommendation

almaskri by Not applicable
  • 2382 Views
  • 1 replies
  • 0 Likes

IE8 and captive portal

Users are getting "can not display web page" in IE and "connection reset" message when using firefox when opening the browser up and captive portal is attempting to redirect them to the authentication page or the "block-continue" page. Has anyone noticed or seen this happen? I notice it only when the WMI polling fails to correctly identifty the ...

jasbeck by Not applicable
  • 10377 Views
  • 12 replies
  • 0 Likes

Resolved! Dynamic URL Filtering when policy matching on URL

Hi,We're using dynamic URL filtering (ie the "cloud" database") within our URL-filtering profiles. Within PAN-OS 4.1 there is now the option to match on URL category within security policies, but no checkbox there to use the Dynamic Filtering. So, if I try and access a URL thats not in the local database, does the firewall still go and query t...

UserID Exclude Not Working

Hi,I have a problem where the 'User ID Exclude List' setting within the Zone setup on a Palo is not working.I have set my UserID agents to collect events from all IP addresses, then want to filter them on the PA itself as this seems the most logical sequence. I initially only added the objects to the 'Include' list that I wanted to collect ID's...

apackard by L4 Transporter
  • 2830 Views
  • 3 replies
  • 0 Likes

2050 running high dataplane CPU

Our PA-2050 is consistently running at 70-85% on the dataplane CPU despite running at 1/5 of the advertised maximum specs (40-40k sessions and 100-110mbps). I understand that the specs listed are best case scenario and don't expect to get close but I do expect better performance than what I am getting. It could be that our device is just wonky s...

Lopes by Not applicable
  • 4291 Views
  • 4 replies
  • 0 Likes

User-ID on incoming connections

So, we are currently using the user-id agent to monitor our CAS exchange servers. This is working great for identifiying our internal users hitting exchange from the inside. However I would like to begin identifying users that are accessing the CAS servers from the outside. I have tested this with a single IP address range added to the user-ID a...

Resolved! CLI equivalent of GUI task

Is there a way to determine the CLI equivalent of a command/task done within the management GUI?For example, with PAN 4.1.2, what is the CLI equivalent of the GUI when you import a pkcs12 format certficate?thanks, Jeff

Jeff_K by L2 Linker
  • 4043 Views
  • 4 replies
  • 0 Likes

IPSec Tunnel QoS

I have a PA-2050 running 4.0.7. I have an IPSec tunnel that runs between 2 sites (one is a Palo, the other is ??)I would like to guarantee some level of bandwidth available for this tunnel, to ensure that it gets a level of priority at least over basic web and streaming traffic.I'm confused about how to assign this priority.Here's what I've done...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks