This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4120 Views
  • 0 replies
  • 0 Likes

Panorama CLI questions

Had a couple of questions regarding some CLI commands for PanoramaPanorama version 4.1.0Devices are a mix of 4.0.4, 4.0.7 and 4.1.0Is there a way to update licensing information for the firewalls from the Panorama CLIrequest batch license info shows the existing licenses associated to the Panorama managed devices but does not update for the new...

jcostello by L4 Transporter
  • 3429 Views
  • 1 replies
  • 1 Likes

does session drop when changing VR?

I have an HA PAN scenario with single VR, after commiting a change to the default VR name then adding another VR to the system, I have noticed that some sessions droped.Most of our sessions are opened one time and continue until service restart, if a session is to be dropped, the service must be restarted in order to initiate a new session.So do...

areda by L0 Member
  • 2220 Views
  • 1 replies
  • 0 Likes

Multiple ISP's for Global Protect Client?

I've been messing with the setup of using multiple ISP's in an office and maintaining the functionaility of an inbound VPN client for both - aka redundancy.I guess my first question is, can a client have a Global Protect installation that is able to connect to multiple gateways? I haven't seen anything to indicate it's possible yet - maybe I ju...

cmaier by L1 Bithead
  • 2377 Views
  • 1 replies
  • 0 Likes

Policy complexity considerations

When creating policies, especially Security and QoS, how much consideration do I have to give to the number of policies?If we want to get very granular with these policies, will we pay any significant penalty in performance (either in device administration or performance)?(Specifically we have PA2050 that will route through 220Mbps max to intern...

sspivey by L1 Bithead
  • 2224 Views
  • 1 replies
  • 0 Likes

Pan OS 4.1, Destination Nat Problems

Hallo,I installed a PA500 wit Pan OS 4.1 at customer side and most thing working fine.I configured the WAN interface as DHCP-Client with default route to this interface. In NAT-Rules i want to publish a internal server to give external sources acces to this internal source (simple portforwarding). My problem is, if I configure a destination tran...

Show unused rules option

The show unused rules is very helpful but as I work at cleaning up rules after migration it would be really handy if I could clear that flag to see if the new rulesets created are handling all of the traffic before disabling the old rulesets. Is there a quick way to clear that flag so that it starts from fresh?Thanks in advanceJohn MitchellHydro...

Resolved! Is there anyway to have the URL Filtering response page to display category in the local language of the firewall Region.

Hello,I was wondering if there is any feature or ability of the firewall Response Page to display URL Filtering Category in the local language of the site it is inspecting.For example, if a user is from the Netherlands and speaks Dutch, can the Firewall located in region be set up to post the category of blocked site being surfed in Dutch?Pleas...

Eone by Not applicable
  • 3843 Views
  • 3 replies
  • 0 Likes

PA-500 WAN connect directly to ISP

Hello,We are using an PA-500. We would like to connect the WAN port directly to our ISP. Normally the ISP requires a Cisco router with the following requirements.Connectivity requirements:Ethernet / IEEE 802.3-2005WAN side 1000Base-T full duplex100mbit througputPPoE/PPPRFC 2516 PPPoERFC 1661 PPPRFC 1332 PPP Internet Protocol Control Protocol ( B...

check to check "deny" packages

HiI have some rules that will allow IPSEC between two Windows Domain Controllers, but it only works when I allow "any" underapplication - unless I ping from both ends.So how can I see what port I am missing in my custom application group?Thanks

FlexyZ by L3 Networker
  • 1854 Views
  • 1 replies
  • 0 Likes

User-id is it possible to check computers?

Hello,One of our clients want to know if it is possible to build policies based on computer membership to AD groups.In this situation we want to differentiate between computers that belongs to AD and which do not in purpose of VPN connections, so that users won't connect from private computers with SSL client.Regards,Piotr Bratkowski

Terminal Services User-ID Agent Flaw

A new customer during deployment was wanting to test how well the TS User ID agent was working at identifying users. We logged on as User A and started a specific ping. We search the log file, and there was the ping. We had it running continuous for several minutes. During a refresh, we started to notice that other users were also pinging this e...

dpayne by L1 Bithead
  • 4121 Views
  • 4 replies
  • 0 Likes

Anti-spoofing Question

I'm trying to compare checkpoint interface topology configuration to panos. Is there a setting in panos where you can define what networks are behind an interface?

probin02 by Not applicable
  • 7170 Views
  • 5 replies
  • 0 Likes

Blocking by AppID don't work as expected

HiTo block a webpage like Facebook, I have the follow two possibilities.1) Block it by the Url Filter2) Block it by the AppIDSince the URL Filter just looks at the URL and no other content. Access to Facebook will only be blocked if I try to access it by "www.facebok.com". But access via "http://translate.googleusercontent.com/translate_c?hl=de&...

User_333 by L2 Linker
  • 2900 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks