General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Trouble setting up Globalprotect

Hello,I'm tring for a week now to configure Global Protect. And have only been partially successful.My config is PanOS 4.1.1 and GP client 1.1.2 on PA 2050 Boxes. No GlobalProtect Licence.I encountered 2 Problems which I can't solve.1.I have configured LDAP to get the credentials from our AD server and got this part of the authentication working...

PA 5000 series users

Is anyone else running this new hardware platform besides my company? We are running into a huge amount of issues and I would like to know if it's just us or not.

Creating Zones (Sub-Zones) on PA-500

Hello,This question might sound very stupid, but never mind: I have a PA-500 configured which does a specific job which does layer 3 and that requires creating a lot of zones in-order to differentiate the traffic ( as per my understanding, zones are defined for differentiating between traffic. If my thinking is wrong, please correct me). Sinc...

SSL Over-Ride Page

Hi,Anyone had any luck with getting the SSL URL Over-ride page to display without a certificate error?If I have 'transparent' mode enabled for this function I get a certificate error (it appears to replace my URL with the IP address, port 6083, which doesn;t relate to the cert used).If I try redirect (to a Layer 3 interface on the PA as describe...

apackard by L4 Transporter
  • 2126 Views
  • 1 replies
  • 0 Likes

Virtual Routers as High Availability

We have a less critical PA firewall system connected to an HSRP pair on the internal interface and an HSRP pair on the external interface.What is the best way to configure these systems to ensure the most availability of the routes so traffic can continue to flow through the Palo Alto if one of the HSRPs fail over?My thought is to use a second v...

blogspot.com application

Hello,I'd like to differenciate blogspot.com websites that contain adult content from others blogspot.com sites.I noticed that blogspot.com adult content sites redirect the requested url to a page for content acceptance.Is possible to block this behavior with a custom application ?

is it possible to make an aggregation of HA3 interface?

Hi there.I have a question relevant to Active-Active HA.This is example for a question. I must configure Active-Active HA With PA-5050 of 2.And external interface must aggregate with two or more interfaces to support 2G traffic. (Customer average traffic volume is a 1.2G.)At this time, I must aggregate with two or more interface for HA3 interfac...

willstech by L3 Networker
  • 2317 Views
  • 1 replies
  • 0 Likes

Close Global Protect

This might be something silly I am overlooking, but of the 3 computers I have Global Protect installed none of them can close Global Proect when done with it. Even going in and trying to end the process just makes it open a new instance. Has anyone else found this to be the case?

Linwood by Not applicable
  • 12895 Views
  • 12 replies
  • 0 Likes

Url Filtering Virtual Wire

We are waiting on some changes with our carrier and are using PA2050 set up as a virtual wire. I am trying to enable url filtering and when I enable the rule, it blocks all HTTP traffic.When i set policy to deny, it denies all traffic. Thoughts?

BGP RIB-out prefix

I've setup bgp with this guide(for active/passive configuration):https://live.paloaltonetworks.com/docs/DOC-1572I needed to prioritize one ISP so I changed configuration with this guide:https://live.paloaltonetworks.com/docs/DOC-1573andhttps://live.paloaltonetworks.com/docs/DOC-1574The problem now is, I don't see any RIB-out prefixes and my ISP ...

mribic by L0 Member
  • 5761 Views
  • 3 replies
  • 0 Likes

Block skype partially work

Hello,I have panos 3.1.10 and I have rule to block skype and skype-probe application.I'm using skype client 5.6.59.110 and the behavior is the following:- skype client authenticate and goes online- contact became green (online status)- Calls doesn't work (no ringing tone)- chat seams work but whit a lot of delay (i.e when you send a message the...

Resolved! GlobalProtect Configuration Vanishing

Hi All,I have been struck with some bizzare issues for my customer which is leading me no-where. The issues are as follows:- The customer was using SSL-VPN NetConnect when on version 4.0.5.- There were issues regarding ARP Cache limits as the PA-500 has only ARP cache limit of 500.- We were told that PAN would be increasing the ARP cache limi...

Read-only Instant Messaging possible???

Hello guys,I was just wondering if it was possible to have instant messaging as Read-Only mode. For example, gtalk, can receive incoming messages, but the user cannot respond back to them. Is there any way to configure or achieve this?Cheers....

  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels