General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

The Enhanced LIVEcommunity Experience is finally here! Learn all about it.

General Topics

Forum Posts

Registration now open - Interactive Event!

Hi everyone, If you haven’t already seen, registration is now open for our first interactive event all about the Best Practice Assessment (BPA) tool! You will be able to connect with subject matter experts, share best practices, and learn how this to...

jdelio by Community Team Member
  • 48 Views
  • 0 replies
  • 1 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 16756 Views
  • 45 replies
  • 32 Likes

Browsing Quota Time ?

I am coming from Forcepoint from a proxy perspective. My questions is, does the Palo Alto support user browsing policies, and user quota times ? I am looking to have some block list and white list created. I am also wanting to give certain users limi...

TeamViewer restrict unsupervised access

Hey everyone, i got a question from one of our customers, described below:Constellation:PC1 (At home, with internet-access) <--> PA-firewall <--> PC2 (at office, TeamViewer-controllable) Now, to the question. The costumer wants to restrict the access...

Resolved! A little help with Subinterfaces and intraVLAN routing

I have a PA-3020 with fairly typcial config with a L3 untrusted interface and several trusted sub interfaces. I have a couple questions. Prior to this, I was doing my intravlan routing on my core HP2920 switch. My 192.168.123.0/24 network is the nati...

firefox_2017-03-22_06-35-32.png
Raland by L1 Bithead
  • 562 Views
  • 4 replies
  • 0 Likes

Security policy: exception question

Hi, I'm trying to create a security policy that would block all critical traffic from source zone "A", to destination zone "B". However, I want to allow traffic from a specific IP in zone "A". How can I make an exception to allow that IP? I assume I ...

Resolved! Migrate Config between PA-500 and PA-2050

Hello, we own a PA-500 Firewall but are some Versions behind in the OS. Now we want to update it but got an downtime estmiate from our local Palo-Alto vendor from 8 hours. (From Version 5 to 8) Since we have some 24/7 Callcenters in house that's not ...

lenmar by L1 Bithead
  • 770 Views
  • 7 replies
  • 0 Likes

Resolved! Configure NAT with multiple ports

Hello ocmmunity, Do you know if it is possible to do this in the firewall ?Name: NAT 1Source Zone: INTERNETDestination Zone: INTERNETSource Address: IP_PublicDestination Address: 1.1.1.1Service: icmp, tcp/5551, tcp/22, tcp/4443, udp/500, udp/4500Dest...

Apadilla by L3 Networker
  • 2060 Views
  • 3 replies
  • 0 Likes

Resolved! Exfiltration detection?

Has anyone set up a PAN alert for egress bandwidth utilization? For example: If any internal host transfers more than (x) GB in (y) Minutes to the Internet - throw an alert.

Block Facebook App

We are using a Palo Alto Firewall and have facebook blocked on the browser, but the mobile app still works on Android and iPhone. What is the catch all way to block the facebook app?

DHCP

We've used Palo alto as DHCP server for all our wireless infrastructure, we notice that after one hour the IP has to expire and be release, however it keep the expired session on the DHCP and we have to manually clear out this from cli. Once the pool...

Denis by L2 Linker
  • 501 Views
  • 5 replies
  • 0 Likes

Configure DNS Sinkhole with multiple IPs

Hello, I found this instruction https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Configure-DNS-Sinkhole/ta-p/58891 which is great but how do I create the Anti-spyware profile for multiple IPs? I'm hoping I don't have to create one p...

rullyk by L0 Member
  • 482 Views
  • 2 replies
  • 0 Likes

MISP Integration with Autofocus

The idea will be to Pull an event from MISP DB and Convert them to Autofocus Queries and enrich the results back to MISP (sending indicators to MISP) Found Some python scripts explaining this in the PAN github page , but lost my way to integrate it t...

Resolved! message security over http

How does PA handle message security over http ?Whereas https secures the communication, message security secures the content. I would expect PA does not touch http content. But we are having issues with an application that connects to a partners serv...

dieter_b by L4 Transporter
  • 1645 Views
  • 16 replies
  • 0 Likes
Top Liked Authors