This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Which ports are being used by PAN?

When you for example set an url-category into "continue" the continue response-page is issued through tcp 6079.However there is no need to setup a policy for this traffic since the PAN will handle this on its own.But when I enabled captive portal with ntlm-auth I noticed blocked traffic towards the L3 interface of the PAN at tcp 6080 and 7080.Wh...

rps by L3 Networker
  • 5418 Views
  • 2 replies
  • 0 Likes

Resolved! Client IPSEC VPNs

Hi, Can anyone confirm whether IPSEC VPNs(Client) be integrated with active directory for authentication ?

Disabling server sessions on PAN agent ?

Hello,In pan-agent, is it possible to disable server sessions monitoring and to work only on security logs, is there any option in GUI or in configuration file of the pan-agent that can be modified to reach this bheaviour?Regard's

asia by L3 Networker
  • 3851 Views
  • 3 replies
  • 0 Likes

Resolved! SSL Certificates

Hi Guys,Hopeing you can answer a couple of questions I have regarding SSL certificates.1) How does the Palo Alto device itself handle SSL when it is doing interception? Can you set that it would block traffic when for example, an online banking sites certificate has expired, force OCSP, etc.2) How does the Palo Alto maintain its own list of CAs,...

security audit standard for PAN OS

Has anyone developed a PAN-specific security audit standard that can be used for verifying the efficacy of PAN firewalls as a firewall / IPS control? If so, can you share? Thanks

Resolved! Recommended way to do whitelists/allow lists?

We've just purchased a PA box.AIUI the recommended way to do a rule that allows (for example) all PC's access to www.domain.com would be to create a URL filtering profile that blocks all categories, and then to add www.domain.com to the allow list of that URL profile.Then create a rule (likely towards the bottom because of the "block" action for...

URL Categories different in Panorama than PA Firewall

I have noticed some of the URL categories are different in my panorama box when compared to my PA firewall when creating custom reports. I have verified they are running the same PAN os level (3.1.8). This makes creating custom reports on my panorama difficult when trying to filter on these categories since my PA4020 is logging these as a differ...

Reporting issues - porn sites

I got a very simple request this morning.Show me logs of user X going to pornography sites.I have 2 PA-4020s and Panorama. I know this traffic occured but cant generate it in report for anywhere.This is a very critical and basic need.Can anyone share techniques that help them get these reports?Thanks,Justin

jhickey by L3 Networker
  • 7566 Views
  • 8 replies
  • 0 Likes

IPv6 Traffic Report

I have been trying to create a traffic report that summarizes traffic over native IPv6.Not much progress - any recommendations for creating IPv6 reports would be appreciated.Thanks!Respectfully,Peter RoundsNetwork EngineerSyracuse Universityphrounds@syr.edu

phrounds by Not applicable
  • 3318 Views
  • 2 replies
  • 0 Likes

File blocking not working with Hotmail

I've tried to use the file blocking option to ban attachments on Hotmail. But it's not working on me.1. Created file blocking profile for hotmail application, certain file types and chose both directions -> block.2. Created security rule with my IP as a source and hotmail, ssl, web-browsing in applications (added these after the warning on co...

Memory error on PA-500

I've just noticed this error in system logs: DP DDR0 ECC single 69, double 37, dimm 0, rank 1, bank 3, row 0x1434 column 0x300 andDP DDR0 ECC single 65, double 32, dimm 0, rank 1, bank 7, row 0xa5f column 0xf60 Is this memory error and what should I do to resolve this?

PAN Agent internal, Management interface external

I run a PA-2020 situated in a data centre.It is the core router and Internet gateway for a very distributed network, mostly Interent VPNs to the PAN itself.There are a couple of servers co-located with the PAN, connected to its inside interface.Due to the architecture of the network, I have elected to put the management network on a public IP an...

challenge by Not applicable
  • 2658 Views
  • 1 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks