This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4243 Views
  • 0 replies
  • 0 Likes

Captive portal not requiring password with user id

Hi,We've implemented a PA4020 box in a v-wire configuration with another jack on the box configured as an L3 in order to have captive portal functionality. The reason is that there are multiple computers that are logged in to with generic accounts, and we want to track individual users web traffic. Captive portal is being used as a redirect with...

jasbeck by Not applicable
  • 5051 Views
  • 3 replies
  • 0 Likes

Issue creating multiple DMZs with layer3 interfaces

I have an issue with getting 2 DMZs working in layer 3 mode on Palo Alto version 3.1.7.I have set up my first DMZ and can communicate perfectly with the internal network. When I setup a second dmz (using completely different interface ports), but exactly the same configuration I cannot communicate from the internal network to the new dmz. Funnil...

ailfionn by L0 Member
  • 3913 Views
  • 4 replies
  • 0 Likes

PAN-OS 3.17 - High Availability - Not Sync Properly

I am configuring 2 PA 2020's for a customer and am having the following problems w/the HA pair once built. Has anyone came across this issue?***** Text below was sent to my internal technical team *****I have HA setup, configured and the failover active/passive tested okay w/no issues. However the synching of the running config is having issue...

jpeadro by Not applicable
  • 6095 Views
  • 6 replies
  • 0 Likes

Response page with button continue?

Hi,Is it possible to make in response pages the button "continue"? I want to make a response page warning that this url it's not permitted, but if the user wants to continue press this button.Thanks

COMIP by L2 Linker
  • 3115 Views
  • 4 replies
  • 0 Likes

About Data-filter function for Korean language.

HelloI tested Data-filter function that can recognize English character with regex.But Korean language with regex was not recognized by Date-filter function.I think PA cannot recognize double bytes character such as Korean, Japanese and Chinese at Data-filter function right?We need PA to recognize 2 bytes character at Datafilter function.Can you...

ttongfly by L3 Networker
  • 2676 Views
  • 2 replies
  • 0 Likes

about FAST FLUX attack for BOTNET and spreading malignant code.

HelloNowadays BOTNETs are using FAST FLUX technic that makes change regularly their Hyper Link, URLs and IPs interval about 2-5 minutes. Also I guess you known kind of above attack. so It could not be prevented denying IP address, URLs and others.I wonder that PaloAlto device how protect and prevent fast flux attack for BOTNET activity and sprea...

ttongfly by L3 Networker
  • 2495 Views
  • 2 replies
  • 0 Likes

QoS Profile Classes - Maximum Egress (Mbps)

In looking at the documentation for configuring QoS, I'm not clear on the QoS Profile Classes/Maximum Egress value. Is this PER SESSION or TOTAL? We're playing around with limiting (before we block it entirely) P2P traffic. I would like to knock the user down to something low (like dial-up speeds). So do I set this at Class 8 and .05Mbs or s...

bhelman by L2 Linker
  • 6564 Views
  • 5 replies
  • 0 Likes

Resolved! Default Wire Policy Question

We're putting in a 4020 in Wire mode and to start I dont want to block anything. I just want traffic to pass through so I can gather stats. I am assuming my policy will be something like this:TRUST UNTRUST Any Any Any AcceptUNTRUST TRUST Any Any Any AcceptLook right ?Thanks,Justin

jhickey by L3 Networker
  • 3606 Views
  • 1 replies
  • 0 Likes

Resolved! Disable logging for specific users

Is it possible through rules to disable logging for specific users? We have a child protection devision in our police dept that uses peer-to-peer and bittorrent -- which makes our threat level sky rocket. Is there a way to prevent that traffic for those specific users from showing in ACC?

Regexp case sensitivity

I'm trying to create case insensitive regexp for data filtering, however couldn't find any standard regexp way which would work.Also when I tried to workaround and created following data pattern [Vv][Ii][Dd][Ii][Nn][Ii][Aa][Mn] (which is perfectly valid regexp in my opinion) I received data-object-patter-validation error.Any suggestions how to ...

SimasK by Not applicable
  • 4394 Views
  • 2 replies
  • 0 Likes

Scheduling PANOS command using ssh?

I'd like to have a command run on our PAN at a scheduled interval.I know this can't be done "on-box" but I should be able to schedule a job to connect to the PAN and run the command.I've been experimenting with plink and whilst I can make it connect and give me an interactive shell, I simply cannot get it to connect and then run the command I wa...

allow icmp type 3

Hello,How to configure policy to deny all icmp types, but only allow icmp type 3. Is it possible at all?Thanks!

ahtiakel by L1 Bithead
  • 3590 Views
  • 2 replies
  • 0 Likes

SSL VPN Problem

Hi All,I'm having teething problems with our SSL VPN client. The client installs fine on Win7-64 and XP. I've followed the recommendations for Win7-64 and the installation all seems fine. Everything works fine when establishing the tunnel. My policies and LDAP auth are working as I would expect. However, after a random time (usually no longer ...

  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks