This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Websense's Dynamic Protection against Web Malware

Yesterday, one of my customers asked me if PAN has or is working on a feature like Websense's Dynamic Protection against Web Malware. Supposedly, Websense customers are protected against known web sites that get attacked and compromised, by automatically blocking them in their ThreatSeeker Network. The example the customer used was when Google g...

jwolach by L4 Transporter
  • 2957 Views
  • 2 replies
  • 0 Likes

PAN-Agent Multi Domain and Group membership

Hi,We have a forest domain with 2 child domains. Now I have 2 pan agents installed for both domains and it's working well.Now I have the following problem about wich groups to use.I must use 2 global groups to give users access through the firewall. A global Group from domain A and a Global Group from Domain B. So this means I must administer 2 ...

u2343 by Not applicable
  • 4355 Views
  • 1 replies
  • 0 Likes

How to track user ip changes while using the UIA PAN agent?

Hello,I'am using the PAN agent with AD to indentifie users, and i noticed that whene users chage there ip adresses (going on wifi or vpn...) the agent is not able to establish the new mapping. Is there any solution to this issue. Is there any évolution of the agent in the 3.1 version of PAN-OS. And if it will be some solutions, is it working for...

asia by L3 Networker
  • 4455 Views
  • 4 replies
  • 0 Likes

How to limit HTTP download in web browser?

Hi All,Can anyone kindly guide me on how to limit HTTP download using QoS?My customer requirement :1.Limit any file download speed for web browser application at 500kbps. Example : www.microsoft.com,www.download.com & etc.2.The web surfing speed still maintain at 2Mbps.I had try to configure at QoS policy and set the application -----> we...

jeffhooi by Not applicable
  • 2832 Views
  • 1 replies
  • 0 Likes

NAT/Can a subnet span multiple interfaces?

We currently have our PAN configured with a simple 2 NIC L3 setup, the internal NIC is on a private IP, the external NIC is on a public IP on a /24.We have a bunch of public facing websites that are currently outside of the PAN on a server that is connected to the same switch as the external NIC of the PAN, so each website/service on that serve...

Terminal Services for Windows Server 2008

Our current setup for terminal services for Windows Server 2008 is setup through our ISA 2004 firewall. We plan to move to the PA-500 and and the Terminal Services Agent only works for Windows Server 2003, is there anything we can do to fix this?

awilliams by Not applicable
  • 9344 Views
  • 12 replies
  • 0 Likes

Resolved! How the PAN build the TTL and the Max TTL values of the ip-user-id mappings ?

Hi,I noticed a difference between the ip-user-id mappings inside the PAN-agent (45 mn by default) and those inside the firewall ( TTL and max TTL). I want to no how this values is built, is there any relationship between them and the ageout configured on the agent. If yes, how this values are derived?Thank you in advance.Asia.

asia by L3 Networker
  • 6604 Views
  • 2 replies
  • 0 Likes

Resolved! Allow Polycom's Teleconferencing

Hello,Here is the setup on Cisco ASA to let the Polycom's Teleconferencing worksallow source: tcp / H323 destination anyallow source any destination UDP 1718-1719, 3230-3247, TCP 1731, 3230-3235, h323Please advise how to set it up in PAN OS 3.0.6 , model 4020.Thanks.Leo Le

leole by L2 Linker
  • 4689 Views
  • 2 replies
  • 1 Likes

Zone Protection Severity Levels

What are the severity levels that get logged to the Threat Log for the Zone Protection Profile Flood Protection, Reconnaissance detection, & Packet-based attack protection attacks?

jwolach by L4 Transporter
  • 3578 Views
  • 3 replies
  • 0 Likes

Resolved! Scheduling policies and continuous tcp sessions

Dear Gentlemen,Does anybody know how we can configure the policies to block a continuous TCP session when the schedule runs out?The test we are trying to do is to block a skype discussion during a scheduled time.During the 'allowed' time, we can launch skype and discuss normally. Good.During the 'blocked' time, we are not able to connect skype t...

itbrain by L0 Member
  • 4825 Views
  • 3 replies
  • 0 Likes

Button for "Dynamic URL Filtering" is not there

The checkbox for "Dynamic URL Filtering" is supposed to be in the URL Filtering security profile.I have a PA-4020 that does not show it. It's running 3.0.6.I also have a PA-2050 which is running v3.0.5 and it does have the checkbox. Did the checkbox disappear in 3.0.6?

ksalustro by L3 Networker
  • 5111 Views
  • 5 replies
  • 0 Likes

Using two different Radius at the same time?

In service route configuration one can define which interface should be used by the managementplane to reach the Radius server which you will use.However Radius can be used both for admin-logins aswell as captive portal (user-logins).Is it possible to setup one Radius to be used for admin-logins (towards the PA unit) and another Radius to be use...

rps by L3 Networker
  • 5745 Views
  • 8 replies
  • 0 Likes

How do one completely drop packets for a specific url or url-category?

When setting up an url-filtering you can choose from the following actions:AllowBlockContinueOverrideAlertThe downside with block (like when blocking the category web-advertisements) is that the content is exchanged into the response page for blocked url filtering.How should I setup the policy if I want to completely drop all packets that belong...

rps by L3 Networker
  • 3454 Views
  • 2 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks