General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 263 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3582 Views
  • 2 replies
  • 14 Likes

Resolved! App-ID block the whole category

Hi guys,

i have several distinct classes of users, and whole categories of apps need to be blocked for several of these classes. Is there a way to block a whole application category, similar to the way we can block whole categories using the URL filte

...

bkandola by L0 Member
  • 1707 Views
  • 1 replies
  • 0 Likes

How to report traffic logs for a specific rule ?

Hello,

I have defined several specific policies to allow traffic through my PA device.

I have also created a rule that allow any traffic (at the end) to not impact current traffic.

My idea is to be able to identify all traffic that flows through my devi

...

ldormond by L3 Networker
  • 2626 Views
  • 5 replies
  • 0 Likes

Will SSL VPN work for Apple IPAD (or ios 5 devices)

Hello,

I was told today by PANTAC that  SSL VPN work for IPAD (or ios 5 devices) for PANOS 4.1 but I have not been able to find any documentation supporting this to present interanlly.  Can someone confirm this and also provide any supporting document

...

Eone by Not applicable
  • 2408 Views
  • 1 replies
  • 0 Likes

NetConnect to Global Protect migration issue

Hello to everyone,

I migrate my PAN 500 from 4.0.7 to 4.1.0, with previously configured SSL-VPN which was operational. After migrating to new FW, SSL-VPN migrated to Global Protect portal with all configured settings and with new GP client to end node

...

Tician by L3 Networker
  • 4480 Views
  • 7 replies
  • 0 Likes

Resolved! captive portal and blackberry enterprise server

BES server is a proxy for all users on phones, (they all come from the BES IP address on the LAN) what is the proper way to install captive portal or user identification so that we protect and identify users on the phone client end-points?

kkeeton by L2 Linker
  • 2407 Views
  • 2 replies
  • 0 Likes

terminal server agent and security policies

hi , i installed the terminal server agent on the ts machine and i also configured ldap on palo alto,and create a no-restriciton rule on top of the list.when i try to access to internet technically i must not be blocked,but when i blocked i also dn't

...

Application-default for dynamic protocol

Hello,

How does the PA device work when we define a rule that allow an application that use dynamic ports and we specifiy the application-default service ?

As an example, I have a rule that allow application "rmi-iiop" (Java remote method invocation (R

...

ldormond by L3 Networker
  • 2451 Views
  • 1 replies
  • 0 Likes

Upgraded to 4.1 Global Protect SSL VPN

Recently upgraded to 4.1 where SSL VPN is now incorporated with the Global Protect client.  Is it possible to not use the Global Protect client and connect via SSL using the Java NetConnect client?

fbrown by Not applicable
  • 1806 Views
  • 1 replies
  • 0 Likes

PBF - Best practices for Target IP Address

Hello all,

When you want to failover between 2 ISP with PBF features, what are the best practices for the choice of the target IP addresses?

If we use the default gw of ISP 1 (for ISP 1 tracking) and ISP2 (for ISP2 tracking), it's sometimes possible th

...

alliance by Not applicable
  • 1760 Views
  • 1 replies
  • 0 Likes

Importing old logs to Panorama

Greetings!

When I upgraded to 4.1, I choose to rebuild my Panorama server from scratch. After I was finished, I decided to try exporting the logs from the old server and import them to the new. Is that possible? Will it leave the new log entries intac

...

cloughr by L2 Linker
  • 2734 Views
  • 1 replies
  • 0 Likes

Resolved! Panagents and Active Directory sub-domains

We have an Active Directory domain with a sub domain- bar.org and foo.bar.org. We have 4 panagent servers, 2 dedicated to each. Our problem is that when user A.bar.org logs on, PA sometimes identifies him as user B.foo.bar.org,  with the same IP addr

...

cloughr by L2 Linker
  • 3597 Views
  • 3 replies
  • 0 Likes

PaloAlto Supported OS and Browsers

Hi,

I am new and learning PaloAlto currently, but I was just thinking were to find documents that would show or list some compatibility or supported browsers on different platforms for Management and also for SSL VPN (netconnect) or maybe someone can

...

evaristov by Not applicable
  • 5302 Views
  • 9 replies
  • 0 Likes

Vasco Token authentication

How can I integrade Vasco (Radius) Authentication into the Firewall?

On my old Firewall i use telnet to identify my users with Radius so I can define special Firewall Rules.

With UserID there no Option to use Radius right?

gste by Not applicable
  • 2333 Views
  • 1 replies
  • 0 Likes
  • 24171 Posts
  • 100 Subscriptions
Top Liked Authors
Labels