This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Resolved! manage standalone or in panorama

I heard its best to manage the firewalls in Panorama. I have imported the primary and secondary firewalls into Panorama.....i had 1 security rule that i added directly into the firewall (not via Panorama) - any ideas why i cant see this rule from Panorama? just trying to understand this before i start adding rules and updating the firewallstha...

sue_town by Not applicable
  • 6880 Views
  • 8 replies
  • 0 Likes

Configuring URL filtering from command line

Hi all,Just wondered if anybody knew of a quick way to apply the same action to all categories within an URL filter please?It's not the end of the world if it can't be done, it just seems to me that a wildcard option would be useful.For example, if I wanted to create a URL filtering profile called "minimal" which just allows 3 categories, I woul...

DavePalo by L4 Transporter
  • 4154 Views
  • 4 replies
  • 0 Likes

Resolved! bright cloud updates 3.16

Recently i have requested to make changes in one URL from brightcloud because of the wrong catergories and they said they have made changes in 3.61 version.i have downloaded the lastest updates 361 for URL in paloalto , still when i open the site it is coming in the wrong catergoies .

jerry by L1 Bithead
  • 5814 Views
  • 9 replies
  • 0 Likes

Resolved! query on cpu usage limit

Hi,Can anyone clarify me on below queryIn CLI if we type show resource monitoring, it will show us the status for cpu ...what parameters should consider in resource monitoring(for IDS Health check)and what is the max limit for cpu usage and buffer size capacity.ThanksPriya

Is it risky to that allow browser-based apps on any ports

I'm considering to create a policy for Internet access to replace traditional Internet rule (i.e. outbound 80/tcp or any other ports raised by user per special request). To minimize future special request by user, I prefer to allow any ports if app-id identified the traffic as "browser-based apps". Would it be too risky to enable such rule (pr...

u7541 by Not applicable
  • 2578 Views
  • 1 replies
  • 0 Likes

Can I not to install user identification agent to the domain controller?

The client would like to use their Active-Directory for user identification in PAN.However, they are not prefer to install the agent in their domain controller.Is it possible to install the agent in a computer which has already joined the domain, but not on the domain controller?If so, what rights the user account/computer should have?Please als...

frankchow by Not applicable
  • 2650 Views
  • 1 replies
  • 0 Likes

Outbound email traffic is using the public IP assigned to FW external interface

Hi,New user of PA Firewall here. I noticed that when we send out emails, the recipient is seeing that the email comes from the public IP which is assigned to the external interface of our PA firewall. Before moving to PA, we can see the public IP NATed to our email server. Is there any configuration we missed? Or is this how it should be?Appreci...

rmarquez by Not applicable
  • 4121 Views
  • 3 replies
  • 0 Likes

Resolved! APP limitation using PBF

Hi,after doing an upgrade from 4.0.1 to 4.0.3 the candidate config fails due to incompatible app used at PBF. Where can I find the compatible app with PBF? There's no way to use custom app with pbf?Thanks,Robclav

Resolved! About APPs with PBF

Hello Team.I seached and know that PBF can be used with Application that not to have HTTP tunnel function and application dependency. so I want to know what application is can be used with PBF rule. If you have a list of application for PBF, let me know. Thanks.Regards.Roh.

ttongfly by L3 Networker
  • 2597 Views
  • 1 replies
  • 0 Likes

Wildcard Cert Import

I'm trying to import a wildcard cert for a domain we own and encouring several problems. First, I can't seem to import a cert without a pass phrase. Second, I'm getting the below error even though the name I'm trying to use is only 20 characters:name can be at most 32 charactersInvalid nameIs there a way to get around either problem? I'm thin...

nlevay by Not applicable
  • 4856 Views
  • 4 replies
  • 0 Likes

Permit ICMP to dynamic NAT address

I have an odd request. We (pardon the non palo alto lingo) PAT our traffic out a specific address. We need a way to have our remote global load balancers to ping back to the source address of the users (the PAT address) to create proper load balancing metrics. The IP address of the dynamic NAT is not pingable (but static nats are).Any way to m...

btraister by Not applicable
  • 2848 Views
  • 1 replies
  • 0 Likes

VPN authentication OK, user authentication KO

Hello We have an active directory forest with 2 domains:The first one as been configured in our PA2020 to allow VPN access through Radius and then we use AD groups to make policies rules.All works fine. At login, users specify “username” and password without domain name.Radius allows access and in PA2020 logs we can see user name: “domain1\usern...

admincda by L1 Bithead
  • 3687 Views
  • 3 replies
  • 0 Likes

Resolved! APP-ID for Google+ ?

Hi Folks,there are already more than 20'000 Google+ profiles but no APP-ID for it?Any information on this?Regards,Sylvia

sylvia by L1 Bithead
  • 4350 Views
  • 4 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks