This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Packet Capture instance within Details of Traffic Log

Hello,What is the significance of the "green down arrow" packet capture within the "Details" field of the Traffic Log? We have no packet capture defined and it only shows up randomly for certain connections. Is this an automatic output if there are issues within the session? Thanks!Cheers,Mike

MGoodnow by L4 Transporter
  • 4130 Views
  • 2 replies
  • 0 Likes

Honeynet off of PA

Hello All,I have just started configuring PAN 4020 for the first time - a newbie - planning to run it as virtual-wire. However, I was informed that the FW supports hybrid routing - i.e. l2, l3; my question regards a honeynet, that I want to hang off the PAN - has anyone done this, and if so could you provide suggestions, documentation, links, e...

tchong64 by Not applicable
  • 2743 Views
  • 2 replies
  • 0 Likes

Resolved! SSL VPN client support - Apple iPad?

Does anyone know of a way to get an SSL VPN established with an iPad?I've managed to make it work with XP, Windows 7 (32 and 64 bit) and OSX, but I don't think the iPad is supported.Is this likely to be on the roadmap, or failing that is there an alternative method of getting a VPN connection to an iPad working with PanOS?Thanks

dagibbs by L4 Transporter
  • 5001 Views
  • 3 replies
  • 0 Likes

Resolved! URL Group Management

Question - I have a default URL profile for all departments blocking a vast number of categories. I want to allow contain sites for other groups say sales, admin, IT, surveyors... Do I need to copy all the URLs or can I set a profile that simply adds the extra URL allows for the specific group to a rule? Currently I can only seem to create wh...

djmac by Not applicable
  • 3475 Views
  • 1 replies
  • 0 Likes

FTP slow through PA-500

Hi,We have our PA-500 set up as follows:Ports 1 & 2 as VWire connected to our firewall with AV and malware scanningPorts 3 & 4 as L3 for our user traffic, scanning AV and Malware and URL filteringWhen a user uses FTP to send files to servers on our DMZ through the L3 connection they are only getting 2-300kbp/s throughput, but if they use...

lhank by L0 Member
  • 6933 Views
  • 4 replies
  • 0 Likes

eDirectory V7.3

Has anyone tried the UserID agent with V7.X? I know its only supported from 8.8 but has anyone had a go with V7.3?

djmac by Not applicable
  • 2929 Views
  • 2 replies
  • 0 Likes

Ultrasurf blocking

Hi, We have PAN 500 with the firmware version of 3.1.2. It faild to identify the new version of ultrasurf (Ultrasurf version 10.02).How to identify and block the Ultrasurf by paloalto.is there any other way to block it. pls help me.

PAN Agent Settings

We are implementing the PAN User ID agent and we were wondering what everyone else was doing.. did you just leave it as the defaults?

network by L0 Member
  • 3339 Views
  • 2 replies
  • 0 Likes

Bundle CA cert with Captive Portal cert?

Just bought a cert from Thawte and am trying to make use of it for captive portal redirects. I've run into an issue in that, while the unit can import the host certificate fine, none of the captive portal client's recognize it as it's been signed by one of Thawte's new Intermediate CA's.I read a technote in the discussion area that someone was ...

rahmant by Not applicable
  • 3478 Views
  • 2 replies
  • 0 Likes

Resolved! How to setup Captive Portal for Macs and Linux

Hi,I'm having trouble setting up Captive Portal for our Macs and Linux users.We have a PA-500 running 3.1.5, with Active-Directory, which is working fine for user authentication.I've tried setting up a Captive Portal for the remaining users (so we can turn off our MS ISA server), but have found several documents and guides, but not it seems for ...

lhank by L0 Member
  • 5583 Views
  • 2 replies
  • 0 Likes

Multiple WAN interfaces

Currently going through a ISP change. We have the luxury of having both WAN links up so we don't have to do a hot cut. I'm trying to figure out how this can be achieved. The set up needs to route requests back out the interface on which they were received. Example web requests comes in on ISP A's link, it needs to respond back out ISP A's li...

Resolved! HA config

Did I unstand it right, that the PaloAlto firewalls doesn't need virtual and self-ip-addresses for HA?I just watched the HA config video, but there was no part for configuring the layer 3 interfaces for HA. At the moment we use checkpoint firewalls and therefor we need at least 3 ip-addresses for each subnet: Example: 192.168.1.1 virtual IP192.1...

gzauner by L0 Member
  • 4217 Views
  • 3 replies
  • 0 Likes

Resolved! Citrix Session Reliability - port 2598 tcp

I have a policy that allows traffic to my Citrix server using application objects Citrix, Citrix-jedi, web-browsing, and ssl. The Citrix object includes 2598 tcp (session reliability) as a standard port. I originally had service set to application-default, but I noticed that traffic on 2598 is being shown as "unknown-tcp" application, and is bei...

Data Filter Custom Report: No way to filter by File Name?

I am trying to create a Custom Report to show all Executables coming in and out of PA. We do have a few .EXE files that are allowed to run through the network. Is there no way to exclude these from the report by file name?For example...File Name != abcd.exe

jambulo by L4 Transporter
  • 3285 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks