General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

security policy rule with URL filtering fails to trigger on targeted traffic

I am trying to make a rule hit on a custom URL filtering profile with HTTP header insertion for postman traffic to be allowed, so I created a URL filtering profile with a custom URL category in order to allow the specific URL ( /upload/ subdirectory specifically and not the whole domain as I am not trying to avoid scanning the rest of the subfol...

Kobi3v_0-1649341375611.png
Kobi3v_1-1649341375618.png
Kobi3v_2-1649341375623.png
Kobi3v by L0 Member
  • 2340 Views
  • 1 replies
  • 0 Likes

GP Hip notification Panorama blank?

When I try to populate the drop down for HIP notifications on the gateway, it comes up blank. All firewalls are panorama managed, but for whatever reason, I can't get this box (while on panorama) to populate with any of the current HIP profiles/objects I've created. Just looking to create a notification through a panorama defined gateway. Is ...

Sec101_0-1577821070658.png
Sec101 by L4 Transporter
  • 4505 Views
  • 2 replies
  • 1 Likes

Add new portal to Linux GlobalProtect app

Hi,I'm trying to set up two different VPN relying on two different accounts on the same Linux (Linux Mint 20.2 Uma, base: Ubuntu 20.04 focal), but I'm having some issues.From what I understood (as the VPN rely on different emails) I need to create different portals.I have already one portal setup on my laptop using GlobalProtect, but when when I...

mgabriel by L0 Member
  • 7910 Views
  • 4 replies
  • 0 Likes

unable to block downloads Command-Line Download Accelerator

Hello, I created a file download profile which allows only download rpm,bzip2,gzip and blocked rest. When I use wget iso file download blocked. When I use "axel" iso file download not blocked. What is the difference and how can I completely restrict download.Thanks."Axel, a Command-Line Download Accelerator for Linux"Tested on PanOS-9.1 Used Ce...

upelister by L3 Networker
  • 4823 Views
  • 6 replies
  • 0 Likes

How to create SMTP alert using O365 Authenticated User

Dear All I would like to check for PANOS 9.1.X, how do I configure the SMTP alert with O365 authenticated user. I had tried the steps in this URL "Configure Email Alerts (paloaltonetworks.com)" and unable to trigger the SMTP alert out. The purpose of the SMTP alert is to send reports and to notify network administrator if there's something wrong...

ttl-5206 by L1 Bithead
  • 5282 Views
  • 6 replies
  • 0 Likes

Anybody try to block Invidious yet?

The students in our school district have discovered that Invidious sites (https://invidious.io ) are able to circumvent the Youtube content blocking we had in place with our Google Chromebooks. Has anybody else experienced this yet and/or discovered a solution for 'blocking' Invidious?Thanks,

Resolved! SMTP port 25

We are progressing to moving show services to the cloud and I'm been told that port 25 is not opened or being blocked in Palo Alto. So where do I check to find out if this is being allowed or being blocked?Sorry this is a really basic question but I've been asked to resolve this because the regular guy has left the company..

Port to Port latency stats

I am trying to find out what the typical port to port latency is of the 800 and 3200 devices. I appreciate that this probably changes depending on what inspections are running, and configuration, but I am after a ball park figure for standard L2/L3 interfaces with a simple rule set, and how much extra IPSec adds.

Rich.H by L2 Linker
  • 2376 Views
  • 1 replies
  • 0 Likes

Resolved! Mobile Hotspot - Can I force SSL?

I'm working using a mobile hotspot (T-Mobile 5G), but I have chronic failures until it finally falls back to SSL. Then I run fine for many hours until I need to reconnect. Question: Can I force it connect in SSL? I'd be happy to help improve the product by diagnosing the issues, if anybody wants to reach out to me. My IT department j...

Security Report

I would like to create and export a security report giving me a simple count on the number of times an attack was attempted.The definition of an "attack" could range anywhere from a network discovery to a tentative of password brute-force, as many vectors as possible.I am using a PA-3020 on version 9.1.9 but the report won't be limited to this v...

Resolved! With GlobalProtect on Windows is it possible to exclude Chrome but include Firefox from routing through the VPN?

I have to use Global Protect on my home Windows machine purely for accessing certain work-related websites that aren't accessible without it. Ideally I'd like the rest of my browsing (e.g. Youtube) to not have to go through it. My idea for achieving this is to use Chrome (unproxied) for all my non-work browsing and Firefox for accessing work sit...

dee4006 by L1 Bithead
  • 6918 Views
  • 5 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels