General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Is there anyway to have the URL Filtering response page to display category in the local language of the firewall Region.

Hello,I was wondering if there is any feature or ability of the firewall Response Page to display URL Filtering Category in the local language of the site it is inspecting.For example, if a user is from the Netherlands and speaks Dutch, can the Firewall located in region be set up to post the category of blocked site being surfed in Dutch?Pleas...

Eone by Not applicable
  • 3968 Views
  • 3 replies
  • 0 Likes

PA-500 WAN connect directly to ISP

Hello,We are using an PA-500. We would like to connect the WAN port directly to our ISP. Normally the ISP requires a Cisco router with the following requirements.Connectivity requirements:Ethernet / IEEE 802.3-2005WAN side 1000Base-T full duplex100mbit througputPPoE/PPPRFC 2516 PPPoERFC 1661 PPPRFC 1332 PPP Internet Protocol Control Protocol ( B...

check to check "deny" packages

HiI have some rules that will allow IPSEC between two Windows Domain Controllers, but it only works when I allow "any" underapplication - unless I ping from both ends.So how can I see what port I am missing in my custom application group?Thanks

FlexyZ by L3 Networker
  • 1902 Views
  • 1 replies
  • 0 Likes

User-id is it possible to check computers?

Hello,One of our clients want to know if it is possible to build policies based on computer membership to AD groups.In this situation we want to differentiate between computers that belongs to AD and which do not in purpose of VPN connections, so that users won't connect from private computers with SSL client.Regards,Piotr Bratkowski

Terminal Services User-ID Agent Flaw

A new customer during deployment was wanting to test how well the TS User ID agent was working at identifying users. We logged on as User A and started a specific ping. We search the log file, and there was the ping. We had it running continuous for several minutes. During a refresh, we started to notice that other users were also pinging this e...

dpayne by L1 Bithead
  • 4276 Views
  • 4 replies
  • 0 Likes

Anti-spoofing Question

I'm trying to compare checkpoint interface topology configuration to panos. Is there a setting in panos where you can define what networks are behind an interface?

probin02 by Not applicable
  • 7465 Views
  • 5 replies
  • 0 Likes

Blocking by AppID don't work as expected

HiTo block a webpage like Facebook, I have the follow two possibilities.1) Block it by the Url Filter2) Block it by the AppIDSince the URL Filter just looks at the URL and no other content. Access to Facebook will only be blocked if I try to access it by "www.facebok.com". But access via "http://translate.googleusercontent.com/translate_c?hl=de&...

User_333 by L2 Linker
  • 3016 Views
  • 2 replies
  • 0 Likes

Resolved! Custom URL wildcard

Hi all,I have a question relating to wildcards in a Custom URL Category on PA-500 - 4.1.0I have the following entry in my custom URL category *.centos.organd I'm finding that I'm getting a match with the following URL (and many others) mirror.ox.ac.uk/sites/mirror.centos.org/5.7/updates/i386/RPMS/kernel-2.6.18-274.7.1.el5.i686.rpmIs this...

DavePalo by L4 Transporter
  • 7444 Views
  • 9 replies
  • 1 Likes

Trouble after upgrading to 4.1

I was currently running 4.0.5 on panorama and HA active passive 2050 cluster.The upgrade ran rather smoothly.has something changed for service declaration in 4.1?I define my addresses and custom services on the panorama which I sync to the HA cluster members after committing on the panorama.My policies are defined on the first cluster member whi...

Virtual balancing and PBF

Hi all,My client need to do Load Balancing in his wan interfaces, I did the next config, in PBF I put four policies, one for the two Internet segments asigned to the first and more faster output (TRUST to (1.0.0.1-126.255.255.254) & (128.0.0.1-192.255.255.254)) the first and second public segment. Other PBF (TRUST to (193.0.0.1-224.255.255.2...

p_marquez by Not applicable
  • 2343 Views
  • 1 replies
  • 0 Likes

Resolved! URL Content filtering Question - Netflix

Ok, don't shoot the messenger but I was asked to see if I could unblock the queue management area for Netflix but still block the streaming media part of it... We're using the URL filtering capabilities of the PA 2050 device and I have a policy defined that's based on an Active Directory user group to filter traffic. I'm not sure how I would g...

Emailing of CSV reports?

Currently my reports can only output in the default behavior offered - PDF's are sent automatically - however, some groups within the company that specifically manage risk want to add automation to the mitigation process - and doing that would be much easier if the reports could be emailed out in CSV format.Is it possible to email reports out of...

jsilvia by Not applicable
  • 4133 Views
  • 1 replies
  • 0 Likes

DHCP server -> conflict IP

HiI have a DHCP server enabled on one of my interfaces, but clients have problem getting IPs back - after reboot of windows machines it normally works, but this normally not an issue with other DHCP servers.Here is one message ->An error occurred while renewing interface Local Area Connection : The DHCP client has obtained an IP address that ...

FlexyZ by L3 Networker
  • 6579 Views
  • 4 replies
  • 0 Likes
  • 24403 Posts
  • 123 Subscriptions
Top Solution Authors
Labels