This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

IPS functionality testing

We are looking to do a live demo of PAN devices to some leads . Does anybody have tool we can use to demonstrate the IPS functionality in real time .Putting the box through a wide range of attacks . App ID is pretty easy but Checkpoint now does application visibility . I have heard about metaploit . I havent seen a windows version u could easil...

usvi by L3 Networker
  • 2985 Views
  • 1 replies
  • 0 Likes

Resolved! Commit Failed (HA active-passive)

Hi, Commit on customer PA500 Cluster running in Active-Passive mode on PANOS 3.1.6Details device: Client device registered in the middle of a commit. Aborting current commit.Commit failedsystem log:Receive Time Type Severity Object Event Description10/26 13:54:20 general high general Commit job fa...

Resolved! Block Outbound SSTP (Secure Socket Tunneling Protocol)

Is there a timeline when the ability to block SSTP outbound will become available or is it possible now?Microsoft's latest and greatest is surely a hole that it would seem most don't want in their environment.Any insight would be greatly appreciated... thus far it seems that only TMG (Threat Management Gateway) can block SSTP short of blocking a...

micit by L1 Bithead
  • 4313 Views
  • 3 replies
  • 0 Likes

Resolved! User-ID Agent for Active Directory won't transfer mappings

Hello-I have a new PA500 (running 4.0.4) that I've set up and am now trying to tie to Active Directory in order to create user-based policies. I have everything configured to my knowledge, but I'm not getting any user-IP mappings on the firewall.I installed what I believe to be the latest AD agent, 3.1.2 (filename PanAgent-3.1.2.msi), on my se...

Resolved! Data Filtering by Name

In "monitor" --> "Data Filter" is there a way to filter by name? The name shows things like zip and rar and filtering by this automatically would be very useful. Or is this available in a feature-set beyond 4.0.1?Also, the release notes for 4.0.5 link appears broken, or otherwise unavailable. Is this going to be available again sometime i...

SSLVPN/Netconnect Command Line

Hello,Is there a way to interact with the SSLVPN/Netconnect application via command line arguments? Can you script any portion of the launch of Netconnect?Thanks,-Paul

PANOS 4.0.6

Hi - I can see PANOS 4.0.6 in the software section on my Panorama. I can't see it as available when I go onto my PA 4050s though - it's still showing 4.0.5 as the latest available code to download. On the support website - it's mirrored again in the Software Updates section - 4.0.5 is available for Panorama but not listed for the devices yet. Am...

fmd by L3 Networker
  • 2586 Views
  • 2 replies
  • 0 Likes

vsys id too big on panorama

I have a PAN 5050 connected to Panorama and when I try to sync panorama shared policies for the device group of this vsys it gives me the error "vsys id too big". All the other vsys synced no problem, the only thing I can see is that the vsys id is 26, though they have licensing for 125 vsys. vsys id too bigCommit failedAny ideas?

Upgrade Path from 3.1.7

Hello,I am currently running PAN OS 3.1.7 on my 4050 corporate cluster. Can I upgrade from 3.1.7 to 4.0.1? Should I upgrade to a later version of the 4.0 code? I know there is a known issue with 4.0.5 but what about 4.0.4? Is it a stable code? Thanks!Darcy

Resolved! Why does the PAN Route through the management interface?

If I traceroute with the source ip of my private internal interface to the host that my user-id app is located it works.If I just do a traceroute host to the host that my user-id is located on it fails.I put a static host route in the VR pointing out my private internal interface and it still fails if I don't source the interface in the trace.

Problems with installing SSL-VPN Client

HiHas anyone else had any problems with Installing PanInstaller on Windows 7?I have managed to install it on some machines but sometimes the installation just drops and in the event viewer I get:EventId 7030Source Service Control ManagerPanInstaller is marked as an interactive service. However, the system is configured to not allow interactive s...

lindorff by Not applicable
  • 8920 Views
  • 12 replies
  • 0 Likes

Not detecting Lotus notes traffic correctly

Hi All,I have a system, running 4.0.5 ( about to be .6 ) in TAP mode at a PoC site.They run Lotus notes, with one server platform, but two different types of clients.We are getting a lot of unknown-TCP, which is actually going to the notes server, and on the notes port, so likely to be notes.Any reason why it wouldn't actually be detected as such?

KatanaNZ by L3 Networker
  • 2305 Views
  • 1 replies
  • 0 Likes

Is it possible to use public IPs on the same subnet on different interfaces?

Hello,We want to use inbound NAT in different VSYS on a PAN 4020 device. The question is, is it possible to use adresses(mip equivalent on netscreen devices) from the same subnet on different phisycal interfaces in different vsys? On netscreen devices we must split adresses in different subnets and make routing on network routers behind the fire...

asia by L3 Networker
  • 7756 Views
  • 5 replies
  • 0 Likes

Resolved! passthrough page without authentication

Hi all, I have a 2050 pair and I'm trying to find a way to prensent my users with a page with 'terms of use' that they would accept and continue on to a list of websites that I can control. I don't want to authenticate the users, just give them a splash page and let them go through, is this possible? Thanks in advance.

  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks