This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Resolved! Paloalto to Firebox

Any know issues with an ipsec VPN connection between a PA-500 to a Watchguard Firebox?

twhite by L1 Bithead
  • 6474 Views
  • 4 replies
  • 1 Likes

Resolved! IP to user mapping issues with Pan Agent

We run McAfee which does some user authentication on AD for group policies. The problem is that when this happens, the ip to user mapping shows this service account as the user instead of the actual user that is logged in. The actual user is then unable to match on a specific rule and therefore gets the incorerct access.Not sure if changing some...

hallk by Not applicable
  • 3683 Views
  • 3 replies
  • 0 Likes

Resolved! insufficient-data/incomplete application in logs but still permitted

I am currently only allowing ssl and web-browsing applications to a specific server. If I do a "telnet x.x.x.x 3389" it connects even though the rule should not allow this. I would think that the application filter is unable to block this due to the application coming up as insufficient-data or incomplete.How do I block this??

hallk by Not applicable
  • 10997 Views
  • 12 replies
  • 0 Likes

Errors with Cosutm Reports

Hi Guys,Since I have upgrade to 3.1.6 (December 2010), the PA-500 is unable to run Costum Reports longer than 1 week or last 7 days, I downgraded to 3.1.5 but this does not work. Right now I have version 3.1.6, an every time I try to run a Custom Report longer than "Last 7 days" It shows me "Communication %20 fail". Is this a bug on the PANOS or...

Blocking MP3's with file blocking/data filtering - how?

We tried using the 'MPEG' file type and file blocking, but this doesn't do the job (in fact it only seems to block MPEG video's, not MPEG-3 audio). We also tried creating a data filter with "MP3HASH" as a regular expression, but this didn't appear to match MP3's either.How can we successfully block MP3's using data filtering or file blocking?

IPS Default Protections?

I need a techincal answer for default protections with PAN IPS enabled. If possible, think in a CP-to-PAN conversion. I know...apples to oranges. TIA - Jeff

jhill by Not applicable
  • 2587 Views
  • 1 replies
  • 0 Likes

Control android and other smartphones

I managed to use the setup for blockin iphone/ipad trafic. https://live.paloaltonetworks.com/docs/DOC-1503Some questions... How do we do this for other smartphones?And is it possible to control this with IP range for instance? Or other methods?Thinking about allowing it on some locations and drop packets on other?I have not been successful on th...

oddmbjer by Not applicable
  • 3419 Views
  • 1 replies
  • 0 Likes

URL Block Question

So I have a need to block almost all internet access for a certain group of folks. They are in a warehouse and only need access to a few websites (time clock, shipping sites, etc) related to their jobs. How I'm doing this currently is to use a Active Directory policy and forcing a non-existant proxy server and then using the exceptions list to ...

What is Trusted CA Certificate used for?

According to the PA-3.0_Administrators_Guide.pdf:"Trusted CA certificate—Import an additional intermediate certificate authority (CA) certificate to trust when doing SSL decryption. If the firewall encounters a certificate that is not signed by a trusted CA, then it uses its own untrusted CA to sign the certificate and generate the expected brow...

rps by L3 Networker
  • 9958 Views
  • 9 replies
  • 0 Likes

Custom URL not working

Hi,I have a PA2020 system with Custom URL category defined and it was working fine on 3.1.4.When we upgraded to 3.1.6, the Custom URL category was not working and URL present in the custom category were being blocked, even if they were in the allow list.We have deleted and re-created the Custom Category, but same issue.Has anyone of you experien...

vinesh by L2 Linker
  • 4304 Views
  • 5 replies
  • 0 Likes

manage PAN device over a WAN, you might experience problems

Problem:If you try to manage PAN device over a WAN, you might experience problems.By manage, I mean via the Web interface, via CLI or via Panorama.The Web interface may not load Or login via CLI works fine. However a command that returns a lot of data will fail. One good example is "show log system"Or "Failed to establish SSL connection to Panor...

pnotpub by L1 Bithead
  • 4671 Views
  • 2 replies
  • 0 Likes

Resolved! Using LDAP/AD names for firewall GUI login

HiI believe I've successfully set up LDAP authentication in our Palo device. All of our groups and users are appearing when searched for using "show user ldap-server server all" and they show up in Authentication Profiles when changing the Allow List.I have added my user account from our AD domain into the LDAP Authentication Profile as detailed...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks