This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Resolved! IPSEC tunnel with vendor and using Vendor Public IP for Source Natting

We need to build the new IPSEC tunnel with the vendor.Our sidePA Public IP say 200.23.23.x for IPEC tunnelOur Lan 1>>10.0.0.0/8 2>>172.16.0.0/16Vendor Juniper Public IP 104.156.166.x Users on our side need to access the vendor network IP1>>100.65.5.x 2>>100.66.25.0/24Vendor told us they do not want to allow our Private I...

MP18 by Cyber Elite
  • 7641 Views
  • 4 replies
  • 0 Likes

LDAP-SSL implementation

We want enable LDAP-SSL and i have checked the require SSL/TLS setting in the LDAP profile. I don't see any TCP/636/SSL traffic to the DC from firewall. I only see TCP/389/LDAP traffic, what i am missing.

image.png
raji_toor by L4 Transporter
  • 2914 Views
  • 2 replies
  • 0 Likes

Resolved! if ssl inbound decryption failed,the session will be block or ?

The custtomer want to config ssl inbound decrypaion for internal server。 They do not want this configuration to affect existing web services。 I checked the relevant information, i think the firewall in Inbound Inspection mode, PAN-OS will not act as a proxy with SSL traffic matching the policy. PAN-OS will try to decrypt this SSL traffic 'on-the...

Felixcao by L3 Networker
  • 4299 Views
  • 2 replies
  • 0 Likes

MAC Address Table learned by Palo Alto

Hi , Is there a way we can view the MAC addresses learned by Palo Alto, I am not talking about ARP. So in Juniper/Cisco Layer 2 Switches you can see what mac addresses are learned on the mac address table Can we do that same in Palo Alto? Thanks

uzaheer by L0 Member
  • 53610 Views
  • 3 replies
  • 0 Likes

Minemeld crash once in a while

HI,My Minemeld is running in a docker container. It consumes memory as much as possible. Now the server is configured with 32 GB memory, still 100% usage by Minemeld. It crashes every a couple of days. The requested url for feed gets internal error. I have to restart the container to fix it. We are processing lots of indicators. Total number is...

yguo29 by L0 Member
  • 3951 Views
  • 2 replies
  • 0 Likes

Resolved! File Blocking - allow images/videos block everything else

I'm trying to permit download of gif, jpeg, mpt4, png, svg, webp, and woff, and deny everything else in both directions. I tried 1) setting up a block rule for any file type in both direction and an allow rule for the file types above for download only2) setting up the allow rule, and then updating the block rules manually selecting every single...

font blocking

Hello, I'd like to block users from downloading any OpenType (.otf) and TrueType (.ttf) fonts. Is there any way to block them?

Password Profiles complexity

I would like to set up a Password Profile with all attributes at zero, can this generate an account lock or would I have no problems? regards

bmacedo by L0 Member
  • 2736 Views
  • 2 replies
  • 0 Likes

Dual ingress ISP setup vs Juniper SRX

Hi, there is a fundamental difference between Juniper SRX and Palo Alto Firewalls regarding how reverse route look up occursfor a session. With Juniper SRX, if I have two ingress traffic via two different ISPs, I can put each into its own routing instanceand Juniper forwards the reverse traffic back via ingress ISP. It is very simple and elega...

Resolved! Customizing Captive Portal Response Page

Hi!I would like to customize the captive portal response page including some corporative images. However, if I link the images to an external server, I get warnings from the browsers because the entire page is not secure. Is there any way to upload the images to the PAN?Thanks!

ajripa by Not applicable
  • 5290 Views
  • 2 replies
  • 0 Likes

BGP Peer with ISP

Hi I need some guidance on setting up BGP peer with my ISP, this is a new connection. I have external interface setup and I can ping to next hop and route to public internet. I need to advertise the /24 block network that my ISP assigned me. This PA will be used as GP Protal and GW, and they have been assigned IPs from /24 block. Is there do...

Amin2 by L2 Linker
  • 3024 Views
  • 1 replies
  • 0 Likes

Applying QoS for WebEx behind PA FW

Hello, I have a WebEx Server hosted behind a PA FW. I need to apply QoS for it. Currently, I have a NAT in place to NAT the WebEx Public IP to the Server Private IP, Destination NAT is applied. Is it applicable to apply QoS for such traffic? I need to ensure WebEx stability despite the utilization.

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks