This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4152 Views
  • 0 replies
  • 0 Likes

NetConnect to Global Protect migration issue

Hello to everyone,I migrate my PAN 500 from 4.0.7 to 4.1.0, with previously configured SSL-VPN which was operational. After migrating to new FW, SSL-VPN migrated to Global Protect portal with all configured settings and with new GP client to end nodes, but new GP client can't connect to gateway. I troubleshoot a while and from client side (proto...

Tician by L3 Networker
  • 6267 Views
  • 7 replies
  • 0 Likes

Resolved! captive portal and blackberry enterprise server

BES server is a proxy for all users on phones, (they all come from the BES IP address on the LAN) what is the proper way to install captive portal or user identification so that we protect and identify users on the phone client end-points?

kkeeton by L2 Linker
  • 3221 Views
  • 2 replies
  • 0 Likes

terminal server agent and security policies

hi , i installed the terminal server agent on the ts machine and i also configured ldap on palo alto,and create a no-restriciton rule on top of the list.when i try to access to internet technically i must not be blocked,but when i blocked i also dn't see a user name on the browser,just saw the ip address of the terminal server.any suggest will b...

Application-default for dynamic protocol

Hello,How does the PA device work when we define a rule that allow an application that use dynamic ports and we specifiy the application-default service ?As an example, I have a rule that allow application "rmi-iiop" (Java remote method invocation (RMI) interface over the Internet Inter-Orb Protocol (IIOP)), which is a predifined application.Whe...

ldormond by L3 Networker
  • 3335 Views
  • 1 replies
  • 0 Likes

Upgraded to 4.1 Global Protect SSL VPN

Recently upgraded to 4.1 where SSL VPN is now incorporated with the Global Protect client. Is it possible to not use the Global Protect client and connect via SSL using the Java NetConnect client?

fbrown by Not applicable
  • 2257 Views
  • 1 replies
  • 0 Likes

PBF - Best practices for Target IP Address

Hello all,When you want to failover between 2 ISP with PBF features, what are the best practices for the choice of the target IP addresses?If we use the default gw of ISP 1 (for ISP 1 tracking) and ISP2 (for ISP2 tracking), it's sometimes possible that the default GW of ISP is still UP (LAN interface of the ISP router) whereas the ISP line is do...

alliance by Not applicable
  • 2318 Views
  • 1 replies
  • 0 Likes

Importing old logs to Panorama

Greetings!When I upgraded to 4.1, I choose to rebuild my Panorama server from scratch. After I was finished, I decided to try exporting the logs from the old server and import them to the new. Is that possible? Will it leave the new log entries intact?

cloughr by L2 Linker
  • 3513 Views
  • 1 replies
  • 0 Likes

Resolved! Panagents and Active Directory sub-domains

We have an Active Directory domain with a sub domain- bar.org and foo.bar.org. We have 4 panagent servers, 2 dedicated to each. Our problem is that when user A.bar.org logs on, PA sometimes identifies him as user B.foo.bar.org, with the same IP address.I can re-create this problem by logging onto a machine first as a member of bar.org, then foo...

cloughr by L2 Linker
  • 4876 Views
  • 3 replies
  • 0 Likes

PaloAlto Supported OS and Browsers

Hi,I am new and learning PaloAlto currently, but I was just thinking were to find documents that would show or list some compatibility or supported browsers on different platforms for Management and also for SSL VPN (netconnect) or maybe someone can list down to me these information.PAN OS 3.1.6SSL VPN client 1.30I appreciate all information you...

evaristov by Not applicable
  • 8418 Views
  • 9 replies
  • 0 Likes

Why permitiing web-brosing is required while permitting custom http-based apps?

Hello,I was testing custom http based apps, and in this context i created a custom app based on a signature in the host field of the http header. The problem is that it function properly only if i permit the app web-brosing in the same rule. By logging at the begining and at the end of the session i noticed that whene session starts, the traffic...

asia by L3 Networker
  • 7794 Views
  • 12 replies
  • 1 Likes

Vasco Token authentication

How can I integrade Vasco (Radius) Authentication into the Firewall?On my old Firewall i use telnet to identify my users with Radius so I can define special Firewall Rules.With UserID there no Option to use Radius right?

gste by Not applicable
  • 3092 Views
  • 1 replies
  • 0 Likes

if panorama occurred network loss of network connection?

hello there. I'd like to know what happen, if network disconnected between panorama and PAN mgmt network. if panorama network has a disconnect with problem of NIC, PAN device won't send logs to panorama.but i'd like to send logs without loss of logs from PAN device to panorama even though panorama network disconnected at that time.How can PNA de...

willstech by L3 Networker
  • 2792 Views
  • 2 replies
  • 0 Likes

Resolved! question of FQDN based security policy and country ip db update cycle

Hello there.I have couple of question below.1. add new security policy based on FQDN i have two DNS records on the same machine and same IP address like below. 1. groupware. aaa.com (IP: 192.168.1.10, tcp port 6363) 2. www.aaa.com (IP: 192.168.1.10, tcp port 80) Customer wants to add a security policy by FQDN for blocking for g...

willstech by L3 Networker
  • 2674 Views
  • 1 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks