This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4135 Views
  • 0 replies
  • 0 Likes

URL Filtering based on AD Group membership

I'm trying to created a URL filter that only applies to a specific AD Group.I have a URL filter that applies to all known and unknown users, but it's fairly restrictive. I have a group of users that require a slightly less restrictive URL filter.These users are all currently a member of a specific AD group, and I'd like to apply the less restic...

management-console not available via https after upgrade from 3.1.7 to 4.0.1

Hello all,after upgrading from PanOS 3.1.7 to 4.0.1 I can not access the management-console via https.ping and ssh are still working.Even after downgrading back to 3.1.7 and loading the saved configuration, I can not access the management-console via https.disable-https is set to 'no'.Can anybody help?PS:the webserver-logfiles contain the follow...

PBF policy not working.

Hi,I have packets that arrive on interface eth1/10 that I need to be forwarded back out of eth1/10 with a next hop address of another router on that subnet. I have created a pbf rule that I hope would achieve this however it is currently not working. It looks like the following :==========================================================Interface...

debsPal0 by Not applicable
  • 2641 Views
  • 1 replies
  • 0 Likes

Resolved! Application usage – Implement Time limit

I would like to schedule certain application for user to use. Here are the examples.User can use You-Tube or http-audio only 30 minutes per day.OrUser can only use You-Tube / other streaming media between 9:00-9:30 am and then 5:00pm - 6:00 am .User can visit gmail.com or mail.yahoo.com only 30 minutes per dayOrVisit gmail.com. between 8:00 ...

ssarcar by Not applicable
  • 4144 Views
  • 3 replies
  • 0 Likes

Comprehensive IANA service port listings

[SO] I'm putting together a configuration and I'm wondering if I'm doing any duplicate work that maybe some other PA customer has already done and may be willing to share. I'm creating service definitions that are IANA defined for example:set service service-mstsc description "microsoft terminal services" protocol tcp port 3389set service servic...

bjaming by Not applicable
  • 11024 Views
  • 9 replies
  • 0 Likes

Resolved! QoS Question

All,I am trying to wrap my head around QoS and how it functions. What I want to do is to limit the download rate of streaming media. I understand the rule creation and placement. I assign my QoS policy to my trusted zone interface so that the download will be controlled. What I am having a hard time understanding is how this really controls ...

tohoken by Not applicable
  • 2898 Views
  • 1 replies
  • 0 Likes

Resolved! IPS Signatures

Hi, does anyone know if PAN retires somehow the old IPS signuters?Into the update bulletin there are informations only for new and modified signatures, not for the retired ones.For example yesterday night I received the PAN bulleting and Cisco. In the PAN's email 65 new signatures were added and 14 updated. In che Cisco's 10 added/modified and 2...

zanonibs by Not applicable
  • 3956 Views
  • 2 replies
  • 0 Likes

500-652 Antivirus Version Makes our PAN unavailable

Guys,Has anybody faced a problem regarding the latest AV version 500-652 as after installation our firewall behaves strangely (Commit failed - Down and up again - AV version mismatch)We have called support and they have told us that there is a process called tdb_compile that needs to be run after installing this AV version and this process consu...

Update PA2020 from 3.0.6

Hello all,I'm doing some maintenance work on a PA2020 and just found out that it is way out-of-date. The software release is 3.0.6 and the other updates Threat and Apps is nonexistent...What is the recommended upgrade procedure for this? I would like to take this to 3.1.8Should I export the configuration and do a factory-reset to release 3.1.8 o...

Resolved! what "session table utilization" is really mean?

Hello guys.I have question about session information of PA. PA showed session table information after command "show session info"And this command contains that information of "session table utilization" but I wonder about that information about maximum session or concurrent session?Thanks.Regards.Roh.

ttongfly by L3 Networker
  • 3509 Views
  • 2 replies
  • 0 Likes

Resolved! About Link Aggregation

Hello guys.I tested about link aggregation for PA4060 that connected CISCO SW. but PA only connected "channel-group mode on" that mean disabled PAgP en LACP only with Cisco SW.I think PA should connected other devices using LACP (802.3ad) but result was not.So I want to know that configuration of guideline for link aggregation of PA.Thanks.Regar...

ttongfly by L3 Networker
  • 6644 Views
  • 4 replies
  • 0 Likes

Not able to get DNS working

Hello,After visiting the forum, i have tried all options, but still the PA 500 wouldnt talk to the outside world.Source recognition under device to routing has all been checked. But there is one peculiar error whichi am getting again and again Device: Invalid IP address (NaN), but the forum said it is a bug and i verifiedif there is anything un...

nsalian by Not applicable
  • 7014 Views
  • 4 replies
  • 0 Likes

Resolved! Palo Alto configure as access port

Hi All,It has been sometime that i haven't touch on Palo Alto device and i want to clarify whether can i configure as access port (or called as untagged port) other than normally create L3 vlan routing?I don't see such settings available on the configuration.

eugene by Not applicable
  • 4318 Views
  • 1 replies
  • 0 Likes

Resolved! Filtering On Multiple Brightcloud Categories

I have come across a site that has been assigned three categories by Brightcloud. They are Streaming Media, Adult and Pornography, and Internet Communications, in that order. In our setup we allow Streaming Media and Internet Communications but block Adult and Pornography. It would appear that Palo Alto only looks at the first category in the Br...

shopeman by Not applicable
  • 6403 Views
  • 6 replies
  • 0 Likes

Looking for options to control access to web site.

I've read the authentication doc, but have not found a suitable solution for limiting access to a single hosted site via the PA. Is there something I am overlooking?What I'd like to do: Host a test site, but only offer access to users we hand pick. It would be fine if we had to provide credentials of some sort to these users, but we do not wa...

JKoss by L2 Linker
  • 2260 Views
  • 1 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks