This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4122 Views
  • 0 replies
  • 0 Likes

Syslog Issue.

Hi - I may have not understood how this is achieved - so apologies before I start!I'm trying to forward logs for traffic and threat to syslog We have 2x 4050s and Panorama - all policy rules are added via panorama.I've created a "log forwarding profile" in Panorama that says - forward all traffic and threats to panorama. This is then added to ea...

fmd by L3 Networker
  • 7825 Views
  • 11 replies
  • 0 Likes

VPN for multiple internal subnets?

HiIs it possible to configure the VPN to access different internal subnets? I mean, our network has a few internal subnets that do not route to each other... there are users who need to access 192.168.1.x and some who need 192.168.2.x and others 192.168.3.x... is such a configuration possible? easy? also, our PA2020 is currently configured a...

RonaldGo by L2 Linker
  • 8849 Views
  • 13 replies
  • 0 Likes

2 IP ranges

In the Juniper and Cisco firewall configurations it is possible to route a second IP range to a firewall without having to add a second default route. Is this possible under 4.0.5?My client is wanting to be able to failover between two data centers with pairs of 5020s at each site and Panorama for configuration management.If this is possible, is...

jcostello by L4 Transporter
  • 3750 Views
  • 3 replies
  • 0 Likes

ARP Timeout

Is there any way to adjust the arp timeout value from the default of 1800 seconds on the 4020s and the 2020s?

mallen223 by Not applicable
  • 2778 Views
  • 2 replies
  • 0 Likes

How to log out-of-state dropped packets ?

Hi,Last week we've replaced an FWSM cluster with a PA-5050 cluster. After the migration there were intermittent problems with our CRM application. Allthough we had no used applications but only services in our security policy, the PAN was applying the predefined siebel-crm application time-out of 60 seconds.After increasing the app timeout to 30...

ISP redundancy issues

Hello and thanks in advance for any help.I have a PAN 500 that has been doing great. We added a second ISP and used the "PANOS 3.1 ISP REDUNDANCY using Policy Based Forwarding" to setup teh second ISP and this works well (servers go out the 'routed route' and the users use the Policy based forwarded path.Now, we are getting closer to dropping on...

u7483 by Not applicable
  • 2835 Views
  • 1 replies
  • 0 Likes

Replace IPs with Objects

I have several customer vsys that have nats and policies with IPs already in them. Is there a way to automatically change those to objects that I created after the fact? Or do I have to manually go through each one and fix it? Thanks!,

SSL-VPN with Active Directory auth

Hello,I'm trying to configure SSL-VPN with Active Directory authentication.I'm running PANOS 4.0.4, and SSL-Client 1.3.0 and 1.3.1.I've configured the following:1. An Server Profile with type Active Directoy2. An Authentication Profile with LDAP authentication, and using the profile I've created at step 1. Also add a group and some users to the ...

convex by Not applicable
  • 11184 Views
  • 9 replies
  • 0 Likes

Appstore and itunes on iOS

Hi all, I have a problem with iTunes/AppStore on my PaloAlto firewall. We have a default rule for surfing with URL filtering applied (including online-music category). Every time I try to connect with a iOS device to AppStore the traffic is denied because it is categorized as online-music (i can see this in session browser).If I configure anothe...

Allowing Microsoft and Java Updates

I'm trying to allow downloads of .exe and PE files for updates but continue to block users from downloading those file types from other sources. Not sure what the best way to do this is.If I build a file filter with 3 rules like:1. allow application ms-update2. block .exe3. allow anyAre these rules evaluated in sequential order? Or will the bl...

Resolved! Web filtering only license/Idle time outs.

I have 2 PA-500 inline for web filtering only. We are having an idle timeout problem with none url traffic and have determined the issue is with the PA's. I have seen posts on this issue that relate to firewall functionality that I am not using. Does anyone know where/how to address this issue on the PA's? Thanks

rthimble by Not applicable
  • 2857 Views
  • 3 replies
  • 0 Likes

SSL VPN Security

All,I have the SSL VPN setup and working. All my remote users have access to the internal resources they need. The time has now come to add a vendor to access their specific internal server. So, I will create an user on the PA in the Local DB and configure the VPN to allow them to connect. My question is, once they connect and authenticate, ...

tohoken by Not applicable
  • 2001 Views
  • 1 replies
  • 0 Likes

URL Logs to Panorama

Is it possible to forward URL fliter logs to Panorama?Panorama version 4.0.5PAN firewall version 4.0.5We are seeing the URL categories in the ACC but no logs.

jcostello by L4 Transporter
  • 2631 Views
  • 2 replies
  • 0 Likes

QOS Interfaces

Hi,I was wondering if anyone can tell me if there is a limit to the number of 'Clear Text Traffic - to QOS Profile' mappings you can create under the advanced options within a new QOS Interface? PANOS 4.0.2.I want to setup a couple of QOS profiles, then tie these both to an egress interface depending on Source Subnet. I have about 400 subnets th...

brownn by L0 Member
  • 6260 Views
  • 6 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks