General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Show unused rules option

The show unused rules is very helpful but as I work at cleaning up rules after migration it would be really handy if I could clear that flag to see if the new rulesets created are handling all of the traffic before disabling the old rulesets. Is ther

...

PA-500 WAN connect directly to ISP

Hello,

We are using an PA-500. We would like to connect the WAN port directly to our ISP.

Normally the ISP requires a Cisco router with the following requirements.

Connectivity requirements:

Ethernet / IEEE 802.3-2005

WAN side 1000Base-T full duplex

100mb

...

check to check "deny" packages

Hi

I have some rules that will allow IPSEC between two Windows Domain Controllers, but it only works when I allow "any" underapplication - unless I ping from both ends.

So how can I see what port I am missing in my custom application group?

Thanks

FlexyZ by L3 Networker
  • 1432 Views
  • 1 replies
  • 0 Likes

User-id is it possible to check computers?

Hello,

One of our clients want to know if it is possible to build policies based on computer membership to AD groups.

In this situation we want to differentiate between computers that belongs to AD and which do not in purpose of VPN connections, so tha

...

Terminal Services User-ID Agent Flaw

A new customer during deployment was wanting to test how well the TS User ID agent was working at identifying users. We logged on as User A and started a specific ping. We search the log file, and there was the ping. We had it running continuous for

...

dpayne by L1 Bithead
  • 3010 Views
  • 4 replies
  • 0 Likes

Anti-spoofing Question

I'm trying to compare checkpoint interface topology configuration to panos. Is there a setting in panos where you can define what networks are behind an interface?

probin02 by Not applicable
  • 5459 Views
  • 5 replies
  • 0 Likes

Blocking by AppID don't work as expected

Hi

To block a webpage like Facebook, I have the follow two possibilities.

1) Block it by the Url Filter

2) Block it by the AppID

Since the URL Filter just looks at the URL and no other content. Access to Facebook will only be blocked if I try to access i

...

User_333 by L2 Linker
  • 2115 Views
  • 2 replies
  • 0 Likes

Resolved! Custom URL wildcard

Hi all,

I have a question relating to wildcards in a Custom URL Category on PA-500 - 4.1.0

I have the following entry in my custom URL category

     *.centos.org

and I'm finding that I'm getting a match with the following URL (and many others)

     mirror

...

DavePalo by L4 Transporter
  • 5162 Views
  • 9 replies
  • 1 Likes

Trouble after upgrading to 4.1

I was currently running 4.0.5 on panorama and HA active passive 2050 cluster.

The upgrade ran rather smoothly.

has something changed for service declaration in 4.1?

I define my addresses and custom services on the panorama which I sync to the HA cluster

...

Virtual balancing and PBF

Hi all,

My client need to do Load Balancing in his wan interfaces, I did the next config, in PBF I put four policies, one for the two Internet segments asigned to the first and more faster output (TRUST to (1.0.0.1-126.255.255.254) & (128.0.0.1-192.25

...

p_marquez by Not applicable
  • 1736 Views
  • 1 replies
  • 0 Likes

Resolved! URL Content filtering Question - Netflix

Ok, don't shoot the messenger but I was asked to see if I could unblock the queue management area for Netflix but still block the streaming media part of it...  We're using the URL filtering capabilities of the PA 2050 device and I have a policy defi

...

Emailing of CSV reports?

Currently my reports can only output in the default behavior offered - PDF's are sent automatically - however, some groups within the company that specifically manage risk want to add automation to the mitigation process - and doing that would be muc

...

jsilvia by Not applicable
  • 3221 Views
  • 1 replies
  • 0 Likes
  • 24125 Posts
  • 102 Subscriptions
This widget could not be displayed.
Top Solution Authors
Top Liked Authors
Labels