This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

App ID Classification

I noticed that Sophos anti-virus is classifed under business-systems/management, while McAfee, Symantec, Panada are all classifed under business-systems/software-update.Seems to me Sophos is misclassified under the wrong sub-cateogry.

snormoyle by Not applicable
  • 2091 Views
  • 1 replies
  • 0 Likes

Certificate : standard, extended validation, wildcard, subject alternative name

Hello,OWA (Exchange 2007) needs SAN (Subject Alternative Name) certificates (http://www.digicert.com/ssl-support/exchange-2007-san-names.htm). This type of certificate is supported by the Palo Alto for SSL inspection? What type of certificate are supported by Palo Alto (standard, extended validation, wildcard, SAN)?RegardsPatrick

Update problems, PANOS 4.0.5

Hi, I need some help about a PAN update trouble, since december of last year can't update all the signatures of threats, APP's, url filtering and antivirus.On the dynamic update section, when checking for new version, shows an error:Failed to check content upgrade info due to generic communication error. Please try again later.When I'm testing t...

How to identify specific object usage ?

Hello,Is there a way to easily find out where a specific object is used in the policies ?I know that I can use the filter filed in the policy tab (by using "drag and drop" or filter drop-down menu). However, when using group objects for multiples addresses, users or services, we cannot use this filter feature anymore. Indeed, even when specifing...

ldormond by L3 Networker
  • 4648 Views
  • 7 replies
  • 0 Likes

Resolved! User Identification - 4.1 LDAP - AD

Hi,I have upgraded to 4.1 and added a ldap-server profile to the config so the firewall does the query instead of the user-id-agent.When I go to group-mappings settings ( under user-identification ) and select the tab 'Group Include List',I can see the whole AD-tree-structure, but I cannot view the last part: the group itself.Has anybody seen th...

paulmeys by L1 Bithead
  • 3952 Views
  • 3 replies
  • 0 Likes

Retrieve Primary group of a user

Hi,I've just upgraded my PA-2050 to 4.1.1 and configured LDAP servers and group mapping for building some policies rules based on AD groups.Everything works well except one thing.The primary group of a user is not retrieved.And this is a problem because I had a policy rule based on it.Exemple : if a user "toto" belongs to these groups :- Domain ...

PA 2050 running 4.1.1

Just curious if anyone else notice performance issues with their palo boxes after upgrading to 4.1.1? I’m getting a lot of commit failures, cannot connect to the device errors or the page just takes 3-5 minutes to load. I’m also noticing that when the commits do take place it can take 5-15 minutes to complete.PA-2050Software version 4.1.1Globa...

Globalprotect client failing authentication

We have had several instances where our end users are not able to connect with the globalprotect client since upgrading to PANOS 4.1. When I check the system log file I see the following errors 2012/01/18 09:45:03info globalp portal globalp 0 GlobalProtect portal user authentication failed. Login from: 208.54.35.242, User name: USER, Reaso...

jbland by Not applicable
  • 3616 Views
  • 3 replies
  • 0 Likes

Resolved! Using "Any" as zone for a converted policy

HiI'm converting a security policy from a Check Point device to a PAN device using the PAN converter. By default the converter sets source and destination zones as "Any". Can I use the rule like that? Is there any problem that such configuration might cause in the future or after replacing the devices? Do I need to specify zones in the rules? Pl...

Multi Gateway

Hello,I need to install a PA200 for a internet breakout. Since i can't change the IP Subnet, I tough to change the default gw to the PA and use the PA as a router for traffic to the WAN (same subnet). But my problem is now that traffic comming from the wan to the client is comming from 192.168.1.1 -> to the pc 192.168.1.50 -> to the PA 192...

gsteiner by L3 Networker
  • 5368 Views
  • 8 replies
  • 0 Likes

OSPF - Reditribution intra OSPF

Hello,My PA is connected to 2 OSPF areas and I want to take some routes from one area and send them to the other one.I try to do a redistribution profile but it only send my directly connected routes, not those learned from OSPF.Is there a way to do this?RegardsRémi

rroger by L1 Bithead
  • 2740 Views
  • 1 replies
  • 0 Likes

Resolved! URL-filtering Profile

Hi!Friday we upgraded our devices to 4.1.0.Everything is working ok, the gui is pretty fast, which is nice, only:When we want to edit a url-filtering-profile, the list of categories is empty.Can someone confirm this running on 4.1.0 ? ( or is it just only us, )Thank you,Kind regards,Paul

paulmeys by L1 Bithead
  • 9919 Views
  • 7 replies
  • 0 Likes

Resolved! How do I get a report of what threat prevention rules are enabled?

I have a customer that has asked me to match up an ISS proventia IPS rule to put a PAN Threat Prevention rule. I have created a enabled about 1009 rules on a custom ruleset to do so. The customer has asked that I "print off" in CSV or other format the " rules, showing which ones are enabled, what action is configured, against what is availa...

cwilliams by Not applicable
  • 5397 Views
  • 6 replies
  • 0 Likes

New feature - URL Allow List Object

Could you add a feature that creates "URL Allow List" objects and "URL Block List" objects. We have several URL Filtering Security Profiles and try to keep our business partner sites in the "Allow List" but have to manually add them to each profile. It'd be simpler if there was a separate object and we could add the object to the profile.

jmck9999 by L1 Bithead
  • 3437 Views
  • 3 replies
  • 1 Likes

Log Exporting

I am exploring the best method for me to export and create reports based off of log data from a PA-4020, and have a few questions. Real-time reporting hasn't been determined just yet, but since I can essentially get real-time from the PA GUI I am thinking this will not be a requirement. That being said I think a 1/2 daily or 1/4 daily ftp expo...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks