This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Problem with IPSec and GRE

HelloI have a bg problemThe need is to create such a configuration: external IPSec tunnel and next GRE tunnel inside the previous one. IPSec tunnel must be created between my PA device and external gateway. GRE tunnel mus be created between my cisco router inside my network and other cisco router behind external gateway. Then there must be allow...

Revoked Certificate treating as Valid, is it a bug?

I have set up Client Certification Profile, and use in SSL VPN. I tried to revoke a cert. Firefox already able to valid that cert is invalid but PaloAlto still allow that certificate, I was able to verify from my OSCP server that PaloAlto had a successful query to my server, but I dont know what it is still allowing that revoked cert in SSL VPN.

muratahk by Not applicable
  • 5377 Views
  • 4 replies
  • 0 Likes

Resolved! Mobile Devices (Apple & Android)

Our school district has started purchasing mobile devices, the iPad2's and some Xooms.I've noticed in the Monitor logs that they don’t always fall until the default rule? So far two have been using the Admin rule which opens all but Adult content. These devices are not logging into the domain, they do not requester with DNS but they do get the...

Resolved! Application Choice in Security Policy

All,I am setting up a security policy that will allow inbound ssl traffic only to a secured web server. The NAT rule is already created but I have a question about the application choices for the security rule. If I just list ssl as the application will that work or do I also need to have web-browsing added also?Ken

tohoken by Not applicable
  • 2353 Views
  • 1 replies
  • 0 Likes

Palo Alto Site Survey

Hellofor my job, i will need to do a site for the installation of Palo Alto Firewalls (not still decided if it will be a cluster or not)Do soemone has some experience for that? What does i need to consider? Power supply, rack space, connectivity?Thanks for help

mmichel by Not applicable
  • 2069 Views
  • 1 replies
  • 0 Likes

Howto filter javascript in mail-data?

It seems to be not possible to write a custom signature, which filters out javascript in mails.The challenge is to avoid something like that:#> telnet server 25helo willimail from:<otto@lbsost.de>rcpt to:<m.huels@lbswast.de>dataFrom: Mannis Emailcheck <otto@lbsost.de>To: willi@lbswist.deX-Mailer: Mein Mailer Subject: test f...

mhuels by L3 Networker
  • 3209 Views
  • 3 replies
  • 0 Likes

Drive By Downloads

We turned on block/continue protection for .exe and PE files yesterday, but we're having issues with some sites not showing the page at all and sometimes the window is so small and not resizeable.This happens in both IE9 and Firefox 3.6.I was trying to download from cnet downloads and the links were basically all broken.I tried to download winFF...

Can you use the PANOS 3.1 style (CSS) in PANOS 4.0 GUI?

Is it possible to replace the PANOS 4.0 styles with the ones from PANOS 3.1? The higher-contrast colors that were used in PANOS 3.1 were much easier on my aging eyes. The very subdued PANOS 4.0 colors make it difficult to differentiate between different states - enabled/disabled/global/local rules for example. The new styling seems to me to be a...

PANOS 4.0.2 - User Management for Captive Portal

HiI'm now running PANOS 4.0.2 on both Panormara and 4050s. I have some local user accounts setup on the 4050s to authenticate some Captive Portal users for specific services. I was under the impression that this would be more integrated into Panorama with the 4.0.x release. But I can't see what I can do that is better. I thought it meant I may b...

fmd by L3 Networker
  • 2575 Views
  • 2 replies
  • 0 Likes

Page Redirect after Web Block

Hi,We use web filtering of Palo Alto to block websites. Is it possible to redirect users to another website instead of the default block page?Thanks,Rex

Resolved! Configuring OSPF

I am having some fundamental problems configuring OSPF. Here's the simple configuration:PA interface IP: x.y.200.94/29Cisco interface IP: x.y.200.85/29First problem...From the PA CLI I can ping the remote Cisco router just fine:admin@fs> ping source x.y.200.94 host x.y.200.89PING x.y.200.89 (x.y.200.89) from x.y.200.94 : 56(84) bytes of data...

quist by Not applicable
  • 4750 Views
  • 2 replies
  • 0 Likes

4.0.1 not as smooth as it could be...

Hi,not sure if its me, but the new interface seems very slow compared to the previous version and if I am honest I dont think some of the interface changes are for the better...But its definately slower to complete tasks under 4.0.1 than 3.1.7Just my thoughts...Darren

djbisbey by Not applicable
  • 3654 Views
  • 4 replies
  • 0 Likes

dscp and qos

hi all,can someone show me the way how i can map traffic with a specific DSCP tag to a specific class in qos profiles? only one place where i saw notice about DSCP - it's in security policies. in general, i want to recreate QoS policies on PAN device from my old router.

Palo alto to Checkpoint VPN

Is there any body tested the vpn functionality between palo alto to a policy based vpn such checkpoint? Can you guide me the steps on what to do with regards to what policy to allow and how to configure the vpn parameters? also i noticed that there is no option for ipsec sa for group2 with nopfs in palo alto, do you know if this is a limitation ...

u6960 by Not applicable
  • 5858 Views
  • 4 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks