This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4113 Views
  • 0 replies
  • 0 Likes

PAN Agent Settings

We are implementing the PAN User ID agent and we were wondering what everyone else was doing.. did you just leave it as the defaults?

network by L0 Member
  • 3301 Views
  • 2 replies
  • 0 Likes

Bundle CA cert with Captive Portal cert?

Just bought a cert from Thawte and am trying to make use of it for captive portal redirects. I've run into an issue in that, while the unit can import the host certificate fine, none of the captive portal client's recognize it as it's been signed by one of Thawte's new Intermediate CA's.I read a technote in the discussion area that someone was ...

rahmant by Not applicable
  • 3449 Views
  • 2 replies
  • 0 Likes

Resolved! How to setup Captive Portal for Macs and Linux

Hi,I'm having trouble setting up Captive Portal for our Macs and Linux users.We have a PA-500 running 3.1.5, with Active-Directory, which is working fine for user authentication.I've tried setting up a Captive Portal for the remaining users (so we can turn off our MS ISA server), but have found several documents and guides, but not it seems for ...

lhank by L0 Member
  • 5529 Views
  • 2 replies
  • 0 Likes

Multiple WAN interfaces

Currently going through a ISP change. We have the luxury of having both WAN links up so we don't have to do a hot cut. I'm trying to figure out how this can be achieved. The set up needs to route requests back out the interface on which they were received. Example web requests comes in on ISP A's link, it needs to respond back out ISP A's li...

Resolved! HA config

Did I unstand it right, that the PaloAlto firewalls doesn't need virtual and self-ip-addresses for HA?I just watched the HA config video, but there was no part for configuring the layer 3 interfaces for HA. At the moment we use checkpoint firewalls and therefor we need at least 3 ip-addresses for each subnet: Example: 192.168.1.1 virtual IP192.1...

gzauner by L0 Member
  • 4162 Views
  • 3 replies
  • 0 Likes

Resolved! Citrix Session Reliability - port 2598 tcp

I have a policy that allows traffic to my Citrix server using application objects Citrix, Citrix-jedi, web-browsing, and ssl. The Citrix object includes 2598 tcp (session reliability) as a standard port. I originally had service set to application-default, but I noticed that traffic on 2598 is being shown as "unknown-tcp" application, and is bei...

Data Filter Custom Report: No way to filter by File Name?

I am trying to create a Custom Report to show all Executables coming in and out of PA. We do have a few .EXE files that are allowed to run through the network. Is there no way to exclude these from the report by file name?For example...File Name != abcd.exe

jambulo by L4 Transporter
  • 3248 Views
  • 2 replies
  • 0 Likes

Recording User in Logs

This should be an easy one. Just looking for confirmation.The only way to get user information in traffic/url/threat logs is to a) use the PAN User Agent to query AD/WMI or b) setup a caputive portal. Is this correct?We have a WPA2 wireless network available for students on campus. They authenticate via 802.1x to a RADIUS server to access it....

Resolved! Multiple Userid Agents

It is possible to add multiple userid agents (AD in my case) which serve a single domain to my PAN4020 for the purposes of redundancy?Justin

forfarj by L1 Bithead
  • 4332 Views
  • 2 replies
  • 0 Likes

PA-500 problem with ISA Proxy Server

Dear, We have the question concerning using Palo Alto with Microsoft ISA Server.We have implementation of a Palo Alto in the network where Microsoft ISA Server is used as proxy (8080 port). We installed PA in network as Virtual Wire so we don't disturb their current infrastructure. In Monitor we could only se users going to the proxy as the Dest...

Resolved! Panorama: is there a way to limit to device access within Web GUI

Hello,Our Panorama has set up with several PAN devices like 500s 4020s and 4060s. Just want to clarify one thing.Within the Panorama Web GUI, is there a way to set up that only a couple staff in the Central Operation Center able to access all devices while limit remote staff with only their local assigned device ?I know that the remote support s...

leole by L2 Linker
  • 3123 Views
  • 2 replies
  • 0 Likes

Resolved! Blackberry?

I may be wanting to setup a BES behing our PAN on the LAN.Is there any more to it than creating an inbound security and NAT policy, and specifying the application as Blackberry with the service "application defaults" please?Thanks all.

VASCO supported ?

Hi all,Anyone know if Palo Alto 2050 support two-factor authentication via VASCO or not ?Many thanks,

warut by Not applicable
  • 2516 Views
  • 1 replies
  • 0 Likes

Problem in receiving email

Hi,I face a problem with the smtp app. currently my PA500 do not set any deny action.However, I facing a huge delay when receive the email through the SMTP. Sometimes, the can receive the email and need to replace the PAN to other firewall or router.When i use other firewall/router to replace the PAN PA500, i did not face this issue.I wonder if ...

jeffhooi by Not applicable
  • 2844 Views
  • 2 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks