This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4462 Views
  • 0 replies
  • 0 Likes

Resolved! Custom block page size limitation

To remove dependancy on external servers for hosting content as part of the block pages, I tried impeding a small image in-line with base64 encoding (see http://en.wikipedia.org/wiki/Data_URI_scheme). When uploading the custom page, the system alerted that it failed for an unkown reason. My assumption is that there is a size limit for the cust...

hallje by Not applicable
  • 4333 Views
  • 4 replies
  • 0 Likes

Digium VOIP System

Has anyone installed a Digium PBX behind a PaloAlto firewall?Here is the connectivity that Digium says they need to have phones work:5060 UDP (SIP)10,000-20,000 UDP (RTP)80 TCP (remote Phone provisioning)5222 and 843 TCP (Switchboard)5689 (Switchboard chat)

Custom file blocking continue page

I am having some difficulties creating a cusom file blocking continue page. Specifically the Continue button. I Have followed the Tech Note on creating custom response pages, however I am still unsuccessful in creating the button using the <pan_form/> variable.Exporting the factory-default file block continue page show that the <cookie/...

Resolved! does PA supports xForward ?

hi,am wondering if PA can supports xforward as i need to install PA behind a bluecoat were the users request reaches 1st bluecoat then PA, so is there a way for pa to detect the ip addresses or usernames.BR

RDP with ssl vpn issue

Hi: I have two probelms about ssl vpn. I'm using PANOS 3.1.6 and vpn client version 1.2. 1. I'm using win7 64 bit and following the check list, so i can connect first time. Then I disconnect ssl vpn and try to connect again from my notebook, it never connect again and shown "netconnect has stop working".See attached. 2. Then I uninstal...

hauman by L0 Member
  • 2457 Views
  • 1 replies
  • 0 Likes

IPSec VPN using RSA key on the other site

i have a problem regarding the configuration of PALO ALTO IPSec VPN because the other remote sites are using RSA key Authentication for IPSec VPN. They bougth Palo Alto to change there existing firewall Astaro. And now were in the implementation to migrate all the policy to Palo Alto. And i figure out that there is no option of RSA key Authentic...

janm by Not applicable
  • 4724 Views
  • 5 replies
  • 0 Likes

PA-2050 have problem performance CPU dataplane. (80 -95% all time)

PA-2050 have problem performance CPU dataplane. (80 -95% all time)Deploy paloalto 4 zones (inside, outside, DMZ, Server)Enable IPS, Antivirus, Antispywarefirmware version 4.0.7Throughput avearage 200 - 250 MbpsConnection 20000 - 30000 sessionTesting disable layer 7 application with create Application overide policy between inside and Server zone...

Resolved! Is there a way to add multiple (many) IP addresses to a security policy at once?

I am trying to adjust a security rule that I have in place that blocks incoming traffic from multiple IP hosts.In the rule I currently have approx 100 IP host explicitly blocked (spammers)I am trying to add another group that I have taken from my mail server (approx 150)Is there a way I can modify and add all of those addresses at once instead o...

JW-LGH by L0 Member
  • 7196 Views
  • 2 replies
  • 0 Likes

is it possible to apply user-id at SBC environment?

I had a test related to User-ID with PNA Agent for AD. This environment has a little unusual and It is called a SBC (Server Based Computing). I tried to apply User-ID with PAN Agent for AD but it was not working as my intention. Clients must access remote desktop to run application throughout SBC. Clearly, clients have a domain login to access...

willstech by L3 Networker
  • 4492 Views
  • 8 replies
  • 0 Likes

"Application is already in use" commiting custom application addition

Hello,I am trying to import a few custom applications via XML files I downloaded from my PaloAlto vendor. I did try this before with some that I found here in this forum when running PAN 3.1. I am now on PAN 4.1 (though I may have seen this problem before I updated). Now when I import the XML most of them say they failed to insert, but when I...

gsvarney by L1 Bithead
  • 12797 Views
  • 3 replies
  • 0 Likes

Traffic with no data (???) is denied

Hello,I have a PA 2050 device that is configured to allow specified traffic (multiple rules) and one rule that deny all other traffic (at the bottom).When looking at the "Deny all" rule, I can see a lot of packets that should be allowed by specific rules above that are denied with no data (see screenshot bellow). Is it normal ? And what does it ...

ldormond by L3 Networker
  • 4299 Views
  • 3 replies
  • 0 Likes

No Rule Groups ?

Juniper/Checkpoint and other Vendors allow you to create rule groups. Basically headers to organize functional rules/policies together. I think this goes a long way to keeping you policy organized. There's no way to do this ?Thanks,Justin

jhickey by L3 Networker
  • 2207 Views
  • 1 replies
  • 0 Likes

Resolved! Passive FTP issue after upgrade to v4.1.0 (NAT issue?)

After upgrading to version 4.1.0 on my PA2050 in HA (Active-passive) passive FTP is no longer possible to our FTP server.When users logon they timeout on the MLSD command (in binary mode) I'm looking at NAT because the issue does not arise when accessing the same server from within the network. The FTP server is in the DMZ and doesn't NAT for in...

  • 24378 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks