This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

What is Trusted CA Certificate used for?

According to the PA-3.0_Administrators_Guide.pdf:"Trusted CA certificate—Import an additional intermediate certificate authority (CA) certificate to trust when doing SSL decryption. If the firewall encounters a certificate that is not signed by a trusted CA, then it uses its own untrusted CA to sign the certificate and generate the expected brow...

rps by L3 Networker
  • 10250 Views
  • 9 replies
  • 0 Likes

Custom URL not working

Hi,I have a PA2020 system with Custom URL category defined and it was working fine on 3.1.4.When we upgraded to 3.1.6, the Custom URL category was not working and URL present in the custom category were being blocked, even if they were in the allow list.We have deleted and re-created the Custom Category, but same issue.Has anyone of you experien...

vinesh by L2 Linker
  • 4408 Views
  • 5 replies
  • 0 Likes

manage PAN device over a WAN, you might experience problems

Problem:If you try to manage PAN device over a WAN, you might experience problems.By manage, I mean via the Web interface, via CLI or via Panorama.The Web interface may not load Or login via CLI works fine. However a command that returns a lot of data will fail. One good example is "show log system"Or "Failed to establish SSL connection to Panor...

pnotpub by L1 Bithead
  • 4777 Views
  • 2 replies
  • 0 Likes

Resolved! Using LDAP/AD names for firewall GUI login

HiI believe I've successfully set up LDAP authentication in our Palo device. All of our groups and users are appearing when searched for using "show user ldap-server server all" and they show up in Authentication Profiles when changing the Allow List.I have added my user account from our AD domain into the LDAP Authentication Profile as detailed...

SMB URI Filtering (Custom Applications)

I'm wondering if it is possible to define an 'application' based on an SMB URI path?Example - I have two shares on a SMB SAN server \\san\public and \\san\secret; is it possible to apply a firewall rule to a Palo device that sits between this server and clients such that access to the shares can be restricted based the destination path, not just...

apackard by L4 Transporter
  • 3845 Views
  • 4 replies
  • 0 Likes

SYN Flood

hi : I have a question in regard to Flood Protection Thresholds under Zone Protection. Do the thresholds for Alert/Activate/Maximum apply to counting SYN packets directed at a partuicular host or to counting SYN packets directed at all the hosts in the protected zone.The online documentatio specifies "destination" which implies a particular IP w...

wlu by Not applicable
  • 4313 Views
  • 4 replies
  • 0 Likes

Checkpoint FW-1 Telnet Authentication - PA Alternative?

HiWe will be installing 2x PA4050s into our datacentres to replace our current Checkpoint Alteon Switched Firewalls. We use Checkpoints "telnet authentication" on TCP port 259 to allow super users access through the firewalls based on their IP address at the point of authentication. Is there anything similiar that we can do in PA-land to replica...

fmd by L3 Networker
  • 4037 Views
  • 4 replies
  • 0 Likes

Since update to 3.1.4 no ssl decryption

We have some user categories with "no decryption" but the default rule "decrypt".Before updating from 3.1.3, https://secure.eicar.org/eicar.com.txt was blocked reliably. Since 3.1.4 not. Nothing else was changed.In fact i cannot see any ssl decryption on my PAN 2050. Is there a way to troubleshoot the issue?

mhuels by L3 Networker
  • 3827 Views
  • 4 replies
  • 0 Likes

PA implementation in vwire and L3 mode ( mixed mode )

hirecently i implemented PA-500 with basic L3 setup ( router-pa-switch ) i selected e1/1 and e1/2 as untrust and trust with basic nating, now i need to add e1/7 and e1/18 as vwire with the same external router and same external switch, the idea i have a server with direct public IP i dont need to nat it, so a cable from the router to e1/7 then c...

PBF based on Apps

Hi All,I want to PBF all my google Apps traffic via ISP1 and the rest via ISP2. Under the PBF rule -> Applications I see only a subset of Apps which includes my customs Apps too. But not all Apps from where I could choose from.Any advices please?Thanks.

actibit by L2 Linker
  • 3978 Views
  • 2 replies
  • 1 Likes

Dual ISP for SSL VPN

I am having trouble getting SSL VPN to work on a newly added modem. Essentially, I want to add a new ISP connection to my PA and configure it to be used for SSL VPN. I tried to add a PBF rule, but apparently, pbf requires traffic to cross zones. So far, I have tried to create a loopback interface in a new zone, and make that zone the source for...

dpayne by L1 Bithead
  • 2706 Views
  • 1 replies
  • 0 Likes

Captive Portal - Authentication Method

Hi Palo Altorian,In Captive Portal setup, does it work with Active Directory or Palo Alto Local User Database?If yes, can anyone point to me where can i find this documentation? as i was not able to find on the technical documentation. Otherwise, it would be great if someone can shed some lights on doing this.Thanking you in advance.

eugene by Not applicable
  • 5938 Views
  • 6 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks