This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Url Filtering Virtual Wire

We are waiting on some changes with our carrier and are using PA2050 set up as a virtual wire. I am trying to enable url filtering and when I enable the rule, it blocks all HTTP traffic.When i set policy to deny, it denies all traffic. Thoughts?

BGP RIB-out prefix

I've setup bgp with this guide(for active/passive configuration):https://live.paloaltonetworks.com/docs/DOC-1572I needed to prioritize one ISP so I changed configuration with this guide:https://live.paloaltonetworks.com/docs/DOC-1573andhttps://live.paloaltonetworks.com/docs/DOC-1574The problem now is, I don't see any RIB-out prefixes and my ISP ...

mribic by L0 Member
  • 5723 Views
  • 3 replies
  • 0 Likes

Block skype partially work

Hello,I have panos 3.1.10 and I have rule to block skype and skype-probe application.I'm using skype client 5.6.59.110 and the behavior is the following:- skype client authenticate and goes online- contact became green (online status)- Calls doesn't work (no ringing tone)- chat seams work but whit a lot of delay (i.e when you send a message the...

Resolved! GlobalProtect Configuration Vanishing

Hi All,I have been struck with some bizzare issues for my customer which is leading me no-where. The issues are as follows:- The customer was using SSL-VPN NetConnect when on version 4.0.5.- There were issues regarding ARP Cache limits as the PA-500 has only ARP cache limit of 500.- We were told that PAN would be increasing the ARP cache limi...

Read-only Instant Messaging possible???

Hello guys,I was just wondering if it was possible to have instant messaging as Read-Only mode. For example, gtalk, can receive incoming messages, but the user cannot respond back to them. Is there any way to configure or achieve this?Cheers....

Applications and their dependencies

I am trying to figure out this APP ID and the dependenciesIn order for symantec updates app to work, the FTP app must be allowed. I discovered that to get to the doc's on palo alto network you need the app clearspace which is dependent on http-proxy.As I allow the FTP and http-proxy apps how can that be restricted so just not anybody can then g...

snormoyle by Not applicable
  • 5278 Views
  • 5 replies
  • 0 Likes

VTC NAT problem

I'm having a problem getting a standalone VTC box working. We're replacing Cisco ASAs with PA-500s at our sites, so there are existing rules that should be working when translated to Palo Alto. I'm fairly confident I have the requirements down:tcp/1720 (h323)tcp/5060 (sip)tcp/5061 (sip-tls)udp/5060 (sip-udp)tcp/60000-64999 (media-tcp)udp/60000...

nwallette by Not applicable
  • 6109 Views
  • 6 replies
  • 0 Likes

Size limit for URL block list

Is there a size limit for a URL block list, anad if so, what is it? (I understand that there is a size limit on each URL...I am referring to the size of the entire list of URLs)

jstiling by Not applicable
  • 6045 Views
  • 6 replies
  • 0 Likes

Resolved! Unable to download Dynamic Updates/

So, has anyone run into an issue with downloading Dynamic Updates? We are curently running a pair of PA-4060's in active/passive mode, with PAN-OS Software version 3.1.9. I have configured the firewalls to download only and sync to peer both the Application and Threat signatures everyday at 1800 and the Antivirus signatures every hour on the hou...

UAMSITSEC by Not applicable
  • 17519 Views
  • 9 replies
  • 0 Likes

URL filtering not active

Hello,I have NFR PA-2050 device. Software is 3.1.1. Licence is valid (see screenshot).Url filtering is not active. There is no activation button to activate it too (see screenshot)request url-filtering upgrade/revert/install doesn't work. request url-filtering download statusError installing last databaseany idea ?RegardsMichal

Resolved! PA-5020 NAT Limitations ?

All,We're in the process of doing a Checkpoing to PA conversion and we think we've found a possible show stopping issue. On our Checkpoints we have a large number of NATs that we need to port over. Our vendor runs through the conversion tool and generates a config for us, when we Commit it to the 5020's we get the following error:Error: Number o...

steveo by L3 Networker
  • 4523 Views
  • 5 replies
  • 0 Likes

Panorama Logging with NFS

I'm currently making a log concept for our new PaloAlto firewall environment for our new internet perimeter. I have a few questions about that.Here is what we want to build:- a two stage firewall concept- outer firewall is a PA-5050 cluster with Threat and URL- inner firewall is a PA-5020 cluster with just firewalling- inbetween of the two clust...

ssl gateway not working after upgrade to 4.1.2

HiAfter upgrading to 4.1.2 from 4.1.1 the ssl gateway and protal is not working.When accessing the portal the client certificate is presented but when pressing continue, the login page never appears.I had to revert to 4.1.1 to get it running again.Any clues?Thanks

FlexyZ by L3 Networker
  • 7063 Views
  • 9 replies
  • 0 Likes

User-ID Group Include List Error

On PanOS 4.1.2 I am trying to perform an LDAP lookup for the 'Group Include List' element of the User Identification setup i.e. to populate the 'User' field in policies.When I do this I get an "bind-dn is invalid" error. I know the account configured is fine, as it is a shared object set in Panorama and pushed to multiple boxes, and it works fi...

apackard by L4 Transporter
  • 7427 Views
  • 11 replies
  • 0 Likes
  • 24380 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks