This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4142 Views
  • 0 replies
  • 0 Likes

PA5050 SFP+ Port LED doesn't work if SFP plugged in?

Hi there,we have equipped the SFP+ Ports 21-24 with normal 1GB SFPs.The SFPs are working fine but the Port LEDs doesn't blink.Is this a normal behavior? Maybe only show light if a SFP+ plugged in? :smileyconfused:We're running the version 4.0.7Thanks, Sebastian

Running PAN in FIPS and/or CCEAL4 mode?

Any of you here in this forum who have experience from running your PAN device in either FIPS or CCEAL4 mode (or both - is that possible?)I only found some brief of what the FIPS mode really means within the "Appendix C Federal Information Processing Standards Support" in PA-4.1_Administrators_Guide.pdf and no mention of what CCEAL4 mode (found ...

mikand by L6 Presenter
  • 2779 Views
  • 1 replies
  • 0 Likes

SSH Tunnels

I know in order to look inside the SSH traffic to see if someone is doing SSH Tunnels you need to decrypt the SSH session.I am looking to find out how the PAN decrypts the SSH traffic and what is all involved in setting this up on the firewall.

snormoyle by Not applicable
  • 2354 Views
  • 1 replies
  • 0 Likes

ALG for Facetime via NAT?

We're running 4.0.5 and Facetime does not work as the packets coming from Apple's servers via the Internet are dropped. I noticed there was an ALG for H.323 in 4.1 but wasn't sure if that was related to Facetime or if there was anothe work around.

bjdraw by Not applicable
  • 6722 Views
  • 8 replies
  • 0 Likes

Error message for role based Administrator

Error message when role based admin user is trying to log into UI:User does not have access to any device groups. Device groups are needed to access the 'Policies' and 'Objects' tab. Please ask your administrator to give you access to one.---The goal is to only assign a vsys to this role based administrator and not a device. Please let me know i...

bbsoc by L2 Linker
  • 2672 Views
  • 2 replies
  • 0 Likes

Reconnaissance Protection

hi : In regard to the settings for Port Scans and Host Sweeps:What counts as an event toward reaching the threshold? Is it a SYN packet or are other types of packets counted?Thanks

wlu by Not applicable
  • 3381 Views
  • 1 replies
  • 0 Likes

Anyone tried to connect GP from iphone/ipad with ClientCert?

I'm tring to connect GP from iPhone5 and iPad4.3.3 with Client Cert Auth.I can't see the establishment of IPSec VPN, however, I could establish VPN from Windows with same client cert.I want to see the working sample cofiguration.Could anyone share the information?My testbed:-PA-5020 v4.1.1-GP v1.1.1-Windows 2003R2 as Client Cert CABTW, I know th...

emr_1 by L5 Sessionator
  • 3081 Views
  • 1 replies
  • 0 Likes

SSL-VPN on Mac can't route traffic after sleep

On many of our Mac clients that are using SSL-VPN, if they are connected to the VPN and they close their Mac's (putting it to sleep), when the mac's are awoken, they can't route any traffic. The only cure seems to be:sudo route -n flushIs there any way to have normal function (meaning the normal non-vpn session) resume properly upon waking the ...

Lookout by Not applicable
  • 2447 Views
  • 1 replies
  • 0 Likes

Data filtering by name

Is there a way to block a specific file name, not just a file extension? Is it possible to accomplish this using a custom data pattern?

jgeyer by L0 Member
  • 2443 Views
  • 1 replies
  • 0 Likes

GRE issues with 4.1.0 ?

Good morning,we run PanOs 4.1.0 on a couple of new sites, but we are not able to make GRE tunnel works. The sceario is IPsec Tunnel between 2 firewalls (PA-2020 to PA-5050), GRE tunnels built inside the IPsec on Cisco routers.IPsec is ok and ping is working between the routers loopback, but GRE tunnel is down even if we permit all applications a...

fm_eng by L1 Bithead
  • 2944 Views
  • 2 replies
  • 0 Likes

Pan os 3.1.8 VirtualWire and Microsoft NLB Problems

Good morningI have a Virtual Wire configured on a PAN-2050 with Pan OS 3.1.8 and I connect in one Interface of it a Microsoft ISA Server 2004 and in the other interface a Catalyst Cisco Switch.This Microsoft ISA SERVER 2004 has a Microsoft Load Balancing Service (NLB) configured on it with another Microsoft ISA SERVER 2004 that is connected in o...

Pepen by L1 Bithead
  • 1974 Views
  • 1 replies
  • 0 Likes

App ID Classification

I noticed that Sophos anti-virus is classifed under business-systems/management, while McAfee, Symantec, Panada are all classifed under business-systems/software-update.Seems to me Sophos is misclassified under the wrong sub-cateogry.

snormoyle by Not applicable
  • 2078 Views
  • 1 replies
  • 0 Likes

Certificate : standard, extended validation, wildcard, subject alternative name

Hello,OWA (Exchange 2007) needs SAN (Subject Alternative Name) certificates (http://www.digicert.com/ssl-support/exchange-2007-san-names.htm). This type of certificate is supported by the Palo Alto for SSL inspection? What type of certificate are supported by Palo Alto (standard, extended validation, wildcard, SAN)?RegardsPatrick

Update problems, PANOS 4.0.5

Hi, I need some help about a PAN update trouble, since december of last year can't update all the signatures of threats, APP's, url filtering and antivirus.On the dynamic update section, when checking for new version, shows an error:Failed to check content upgrade info due to generic communication error. Please try again later.When I'm testing t...

  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks