This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4258 Views
  • 0 replies
  • 0 Likes

Resolved! VPN Password Length

Hello All,I noticed that there is a password length limitation when using the VPN page. Can this be increased to something like 40 characters to support longer OTP characters?Thanks,Will

ausit by Not applicable
  • 3138 Views
  • 1 replies
  • 0 Likes

Resolved! NetConnect Certificates

I'm looking for a bit of info on how the NetConnect client uses certificates.I have a VPN endpoint configured on my PAN firewall which is configured to use a GoDaddy Wildcard SSL certificate. When I connect to the web portal the installed certificate is valid and recognised by the browser.When a user authenticates and the NetConnect client start...

ethiSEC by L2 Linker
  • 2846 Views
  • 1 replies
  • 0 Likes

Firewall fails with "APT-HTTP/1.3" in useragent string, like ubuntu do during update

user@unix:~/kannweg> wget -d -U"nonsense APT-HTTP/1.3" www.dackel.defails allways with2011-06-16 13:44:16 FEHLER 503: Service Unavailable.user@unix:~/kannweg> wget -d -U"nonsense APT-HTTP1.3" www.dackel.deworks.There is no log entry of this in any firewall log.Seems to be an intolerance of the Palo Alto firewall to "APT-HTTP/1.3".

mhuels by L3 Networker
  • 2300 Views
  • 1 replies
  • 0 Likes

Resolved! no-pbf action rule not matching traffic

Hello,After creating some PBF rules, I'm checking out if there's some traffic matching or not. I realize that PBF regular rules, are SHOWING matches. But the PBF with no-pbf action rules are not showing matches. I believe that the action is working but the counter is not working properly. Do you know the expected behavior?By the other hand, If t...

Captive portal for user authenticated

Hi,We have a client with Active directory domain, this client have a lot of user with the same username (generic) in domain. Actually, when a user wants to access to Internet, the proxy IAS ask the user another user/pass and then if the user have access to internet put another user/pass. Is it possible with PaloAlto? I see that the source, in ca...

COMIP by L2 Linker
  • 2339 Views
  • 1 replies
  • 0 Likes

Authentication Sequence clarification

Hello,We plan to use PA in order to provide Guest WIFI access in our Network. We need a clarification about authentication sequence feature. We plan to have two LDAP servers : the first one with only corporate users and the second one for external users. We want the captive portal to grant access to the Guest WLAN to any coporate user (with a sm...

nmarchal by Not applicable
  • 3148 Views
  • 2 replies
  • 0 Likes

REGEX Queries (RSA ID Number)

Hi All,Hope someone is able to help. I have no experience with regexSouth African ID Number are a 13 digit number incorporating date of birth, gender, citizenship and there is a check digit at the end to vilidate the number.I am looking for a way to vailidate these ID numbers.For example my ID number is 7902275404184The first 6 numbers are date ...

Resolved! Custom logo and user info avoiding peer' syncronization

Hello,I'm pretty sure that I'm beating a known bug from 4.0.1 but I wish to make sure this point before to move to 4.0.3.Syncronization between the active and the passive pans use to fail. Sometimes the running config sync fails and some minutes later it started to work without human intervention. BUG fixed at newer versions?Custom logo and user...

cant ping out from PA 2020

hellojust setting up a PA 2020 which has a management IP configured - should this be enough to perform license key registrations/downloads?eth1/1 vwire untrusteth1/2 vwire trustwhen i telnet to device i cannot ping a public IP addressi have 1 policy from trust/any/any/any to untrust/any/any/any allowthanks for any helpS

sue_town by Not applicable
  • 9799 Views
  • 6 replies
  • 0 Likes

Panorama policies pushed into device not appearing in restful api when querying managed devicewhen

Hi,I'm using Panorama to manage PA-2020 device. I defined a shared policy (Pre rule) and pushed it into one of the vsys.I've verifiedin the web interfacethat the rule appears correctly.However, when pulling the configuration from the device managed by Panorama via rest api the rule did not appear at all. I used the following query to do it:http...

Combination Custom IPS Signature

Hello all.quick question as to combination customer signature.would you please give me your advise please?- one of potential customer want their employee to forcely use company email server (when sending..) not thru the hotmail, gmail etc..- I found that one of web email service change their URL when it's time to 'write' the email content.e.ght...

bhlee by Not applicable
  • 3556 Views
  • 2 replies
  • 0 Likes

Resolved! PA-500 Upgrade to 4.0.3

Hi All,I have just upgraded a PA-500 from 3.1.8 to 4.0.3 loading the 4.0.1 base first.Once the unit rebooted the "Autocom" job has been stuck at 10% for the last 30 minutes and is still running.Has anyone experienced this before, not sure if I should kill the job and recommit ?Marc

question re split tunnelling

We are installing some PA 500 firewalls at various sites within our companyeach site has 1 connection to the internet - my question is if I want to install a dynamic multipoint VPN tunnel to connect this site to the company network and all traffic will use this - apart from internet traffic which will be pushed out locally - do I need one or two...

sue_town by Not applicable
  • 2878 Views
  • 3 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks