This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Does each terminal server require a client?

We have an environment with over 80 Citrix terminal servers, and it grows and shrinks pretty frequently. Does each terminal server require an agent installed on it, or is there some way of multiple servers sharing one agent? My Citrix admins are understandably concerned about trying to maintain this software on each server, and I'm not 100% su...

not block "ultrasurf" version 10.17

not block "ultrasurf ver 10.17" apparently recognizes this but does not block it, allows access to all, I need help because users are using it more and more,regardsArturo Vazquez Figueroaiii servciosMexico DF

Sorting IP Address Objects

Hi All, Having a few UI issues at the moment. One being the fact that I have a subnet that I need to find some available/unused IPs to allocate. I go via Objects->Addresses and search via the subnet 10.10.10.x. This then shows me a list of used IPs but they don't seem to be in a specific order and I can't seem to find a way to sort thes...

dpenhall by L2 Linker
  • 5850 Views
  • 6 replies
  • 0 Likes

Vulnerability / AV / etc. Setup - Best initial approach

I'm new to the 5060 and I'd like to phase in some IPS functionality over the next week. This is a production system sitting in front of fairly busy site, so I'm a little nervous.... especially being totally new to the PAN OS.What's the best approach in configuring some of the IPS features and applying them to my front-end traffic? Is there an...

cmaier by L1 Bithead
  • 2269 Views
  • 2 replies
  • 0 Likes

BrightCloud missing the Plot!

Hi Guys and GalsI see there is already multiple threads about mis-classification on URL categories! I am now pleading with Palo Alto to address this issue with BrightCloud!To reduce the none business related websites we started blocking the "society" category..... Now we are being flooded with incidents where busines related sites are being blo...

u7285 by Not applicable
  • 10691 Views
  • 17 replies
  • 0 Likes

SSL-VPN client can't connect

Have a security consultant that is trying to connect to our PAN SSL-VPN and thinks there is a bug and wanted me to report it. He was using NetConnect SSL VPN client 1.3.1 with win7 and IE9. They could not get connected and got the following error; java.net.MalformedURLException: unknown protocol: socket I found the following URL while doing a s...

dwgg by L1 Bithead
  • 2860 Views
  • 2 replies
  • 0 Likes

Panorama Logging Traffic Flow

Hi All,Does anyone have any indicative figures of the amount of data that flows from a PAN apppliance to Panorama?Say a 4050 running at a consistant 50%, and logging everything = xMB/day of logs?I'm trying to calculate what will be required to have Panorama remote to the actual appliances themselves

KatanaNZ by L3 Networker
  • 4163 Views
  • 3 replies
  • 0 Likes

Resolved! source and destination ports

Under security rules does service refer to source port or destination port and what is the best way to define both source port and destination port in a rule on version 3.1.6

ailfionn by L0 Member
  • 4402 Views
  • 3 replies
  • 0 Likes

Upgrade to 4.0.4 image version failed

Hi to all,We've two PaloAlto firewalls PA-2020 with 3.1.6 software image version and HA licensed.Both have active gold maintenance support. Last week we tried to update to the last version 4.0.4 and the upgrade process failed.Step 1We started with the first firewall downloading the image base 4.0.1 version and all was ok. We didn't install becau...

How to setup multiple SSL-VPN tunnels

I'm hoping I'm missing something obvious here...is there a good way to support SSL-VPN access for different types of users who require different access and use different authentication schemes?I am trying to setup multiple SSL-VPN tunnel configurations for different types of users. Initially, I was hoping to use a single SSL-VPN configuration a...

Resolved! Maximum life-time of SSLVPN

Hi all.I have 3 questions about SSLVPN session time-out.1. MAXIMUM LIFE-TIME of SSLVPN session?2. What are the default values of Login life-time and Inactivity logout if it isn't set.3. The meaning of "Logout/Expiration" and "TTL" come out by "show ssl-vpn current-user.Thanks.

itnsystem by Not applicable
  • 3957 Views
  • 3 replies
  • 0 Likes

bypassed PAN box using free proxies

We are tested PAN 500 NFR in our lab . Did a search for youtube proxy on google and picked the first listed . Used them and bypassed the PAN box and was able to get to facebook and yahoo mail . I couldn't get to these sites through my browser directly . I am sure there are others, people can also use . I thought PAN prevented such circumventio...

usvi by L3 Networker
  • 3845 Views
  • 4 replies
  • 0 Likes

PA500 split tunnelling DNS question

HiHave a PA 500 set up for split tunnelling - so clients access internet locally and all other traffic is passed over VPN tunnel to our officeI have DHCP set up on PA box so clients get primary DNS server (local ISP one) and secondary DNS (office one)I have set up a rule from trust to untrust to allow application DNS and service DNS however i am...

sue_town by Not applicable
  • 4164 Views
  • 7 replies
  • 0 Likes
  • 24335 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks