This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4236 Views
  • 0 replies
  • 0 Likes

Question about Security Policies and NAT

I'm working on developing my rule base prepping for implementation. I'm noticing that alot of my inbound rules, ie:Where the destination in an address object with my internal IP. Now of course I have NAT rules to statically NAT the traffic inbound and outbound. Outbound (handled by another rule), the log shows the internal IP address as the s...

dshue by L2 Linker
  • 5576 Views
  • 2 replies
  • 0 Likes

HA Active Active Setup

Hello, We have two PAN-2020 appliance running with 4.0.5 and setup for active/standby HA. We would like to change our HA setup to active/active instead of active/standby. In our existing setup we have two interfaces configured for virtual wire and one is setup as layer 3 interface for captive portal. If we change the active/standby setup to acti...

ahmedf by Not applicable
  • 3264 Views
  • 1 replies
  • 0 Likes

Resolved! TAP mode and user ID

Hello all.quick question.during the demo(TAP mode), customer want to map IP to user id.in the TAP mode, can I integrate w/ LDAP to retrive the user id?in the doc-1445. transparent authentication only support AD. and interactive authentication can support LDAP, RAIDUS and local db.on in my customer's case, the only available option is using AD?...

willstech by L3 Networker
  • 4533 Views
  • 2 replies
  • 0 Likes

SSL VPN over Dial-Up Speeds

YES, you read it right! DIAL-UP speeds! Unfortunantly we have some users that have old 1x and iDEN air cards that are probably slower than some Dial-Up speeds. It is what it is I suppose. Our old IPSEC vpn (Check Point) client really didn't complain about it much, it was slow but still connected. We are moving our users over to the Palo Alt...

dshue by L2 Linker
  • 3452 Views
  • 2 replies
  • 0 Likes

Captive portal users not in groups?

We are using the UserID agents on our servers for ID and groups. Users that login via our AD domain on bound machines are correctly identified and we can apply policies based on group membership. That all works very nicely. We just put captive portal in place that uses Kerberos for authentication against AD. Users are authenticated, but poli...

Viewing Rules in the Policy

Hi - we use Panorama and 4050s all running 4.0.5. We have a lot of rules on this firewall for one reason or another (it's a port from Checkpoint of an internal datacentre firewall where there are lots of non-web applications etc). Anyway, I can find rules in the policy GUI fine - but what I'd like to be able to do is locate a specific rule quick...

fmd by L3 Networker
  • 4308 Views
  • 6 replies
  • 0 Likes

Resolved! Error Installing Service: PanAgent

Hi all,user - better: usergroups - identification is a major point in our evaluation of the PAN-Firewall.Now when trying to install "PanAgent-3.1.2" on my windows7 laptop the software itself is installed, but theservice failes: "Error Installing Service" when trying to execute PanAgentServices.exe(Of course using administrator-rights)Is this a k...

Gunther by Not applicable
  • 4742 Views
  • 5 replies
  • 0 Likes

Resolved! Captive Portal authentication against RADIUS with Palo Alto VSA

Dear All,Does everyone happened to know if Palo Alto can recognize the PaloAlto-User-Group (Palo Alto RADIUS VSA) if the authenticated user account is not belong to user group that RADIUS Server return?I want to set the security policy rule and have a test for it.If the user is belong to the user group that RADIUS return, the traffic can be proc...

Resolved! SNMP RFC 1213 (MIB-II) and RFC 2664 (EtherLike-MIB)

Hardware: PA-500Firmware: 4.0.2Page 17 of the PAN 4.0 Admin Guide says:"Simple Network Management Protocol (SNMP)—Supports RFC 1213 (MIB-II) and RFC2665 (Ethernet interfaces) for remote monitoring, and generates SNMP traps for one ormore trap sinks (refer to “Configuring SNMP Trap Destinations” on page 54)."But yet when I do an snmpwalk I do not...

Upgrade issues

Hello,I have a PA-500 device running on PanOS 3.1.4. I try to update it to last release PanOS 4.0.2. (Direct upgrade allowed following the RN)I have no Internet conection yet, also I would like to install it from a local file.I click "Upload", locate my software package PanOS_500-4.0.2 then I click "Install from File" and select my package from...

ldormond by L3 Networker
  • 6763 Views
  • 8 replies
  • 0 Likes

decrypted SSL traffic over Proxy since 3.1.10 slow

Hi folks,since upgrading to 3.1.10 is the ssl traffic (with decryption on the firewall) by squid proxy significant slower as without using a proxy. Not on all websites, but on some the browser needs up to 1 Minute to display the first page.I tried several squid options. Neither in the firewall nor in the proxy logs is any error or blocking annou...

mhuels by L3 Networker
  • 2021 Views
  • 1 replies
  • 0 Likes

Resolved! Creating Reports based on OU

Hello,I need to create custum raports regarding user web activities based on OU from our AD. Is it possible? And if yes how to do it?I was trying to create custum raport and then set user.src in our_ad/group, but it doesn't seems to work.Regards,Piotr Bratkowski

Resolved! User Report to create custom logo

Hi,When I query a custom report, I get Palo Alto log on all pages, I need to replace this logo by a custom company logo.Kindly advise how I can change this logo, so that the final PDF report generates the company specific custom logo.Rgds,Tauseef Ahmed.

ta185020 by Not applicable
  • 2497 Views
  • 1 replies
  • 0 Likes

Commit Failed: PAN-OS 3.1.5

Hi All,Have a PA-500 which is failing on a commit with the following:OperationCommitStatusCompletedResultFailedDetails device: No rule entry definedCommit failedHow can I troubleshoot this further, I am not sure what it would be refering to.ThanksMarc

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks