General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Palo Alto hardware without license limits

Yes, I already know without license i don't get the following but i want know about like VPN, firewall rules and etc.. limits1. Security profiles (Anti-Virus, Anti-Spyware, URL Filtering, Wildfire) will not work2. Clientless GlobalProtect, HIP will not work3. All the updates will not work (software and dynamic) I know the virtual firewall limits...

Custom BlackList

I have a custom blacklist and when i try to import text files with URL it failanybody know what problem is can be?

Global Protect - Split Tunnel not Disabled

I am having an issue with both windows and Mac clients.I have enabled the no direct access to local subnets option but I am still able to browse to my local router and I am getting reports of users being able to access local printers.currently the access include and exclude networks are blank.The GP solution is on a VM in AWS on FW version 9.0.7...

SebastB1 by L0 Member
  • 3897 Views
  • 3 replies
  • 0 Likes

Resolved! GRE support on PAN?

HiIs it possible to terminate GRE tunnels on PAN device?I'm planning to have multiple IPSec tunnels from all branch offices connecting to PA-2020 firewall, in each of these I would like to have GRE tunnel and then OSPF running, so in short: GRE over IPsec + OSPF. Is it possible? Apparently OSPF over IPSec is supported 'out of the box' on PAN OS,...

Applications are not opening properly from the Clientless VPN

We have configured a clientless application on PA. It s working fine it's taking to the application, Following the Home page and other contents are accessing but from there we not able to open few the popup menu tabs from the application.Application is based on IP, not URL base. please find the details with Clientless VPN.https://XXX.XX.X.XX/htt...

Clientless VPN not resolving URL domain names

I recently set up the Clientless VPN feature in PAN-OS 8.0 and I'm having problems with the domain names for the Clientless Apps not resolving. I added a DNS Proxy in the Clientless VPN section of the GlobalProtect Portal that is associated to the GP Portal interface and the interface that's connected to the network where the Clientless App live...

jwolach by L4 Transporter
  • 6594 Views
  • 4 replies
  • 0 Likes

JAVA Webportal ist not completly working With Clientless SSL Webvpn

I have a problem with my PaloAlto Firewall 3020 Clientless SSL Webvpn., our JAVA Webportal ist not completly working.Our clientless SSL Web Portal is running on PaloAlto Firewall 3020 with Version 9.7It is comming the following Error."ClassNotFoundException"Has somebody the same problem?I need a solution, because we are using this solution for U...

Mudather by L0 Member
  • 3136 Views
  • 2 replies
  • 0 Likes

HA Configuration Giude

I've been using firewalls for years, but in the last 12 months I've made the switch to PA, and I've been learning it slowly.As part of this, I created a video on how to configure HA, but also on how HA works (HA types, link types, failover handling, etc). I hope this is able to help out someone else who is also learning:https://www.youtube.com/w...

Luke_R by L2 Linker
  • 3532 Views
  • 2 replies
  • 1 Likes

Global protect - Windows issues

Hi, We are having any issue wih globalprotect and several feaures of windows (office store, images word...).we realised that if we configure de default gateway made by hand in PAnGP interfaces, its working fine. Why is this happening?Is there any way to add atumacticallyany default gateway in PAnGP interface? For Windows store we found this link...

BigPalo by L4 Transporter
  • 4995 Views
  • 5 replies
  • 0 Likes

Resolved! Custom Application v default-Application

Hi, Am planning to replace the services in my environment with custom applications. My question is this? (1) - Must I use application override to use custom application?(2)- While using custom application, can I use default-application on the Service Column? Or should this column be set to Any since the default app is not in use Thanks

Resolved! Config Audit PDF Report

Hi all lovely people of Palo Alto Live, I want to see if there is a way to generate a custom (or in-built) report for the config changes on the Palo Alto?For example, the requirement is that a weekly report is needed on what changes are made by which administrators in the past week, or the difference in config between today and the config 7 days...

MHamad by L2 Linker
  • 11723 Views
  • 5 replies
  • 0 Likes

UserTrust CA certificate expiry on the weekend causing sites to be blocked

Hi, It appears that the UserTrust root CA and the Comodo RSA CA certificates expired this weekend and now my users are getting blocked since the certificate has expired. The sites are accessable through chrome when not behind the Palo. I've tried importing trusted CAs and the only thing that works is to add the site to a URL list and exclude...

jpage386 by L0 Member
  • 3580 Views
  • 1 replies
  • 0 Likes

Chinese characters are populating automatically in GP username

I am having experience in the global protect agent login window when the user starts logging from the machine. Chinese characters are populating automatically in the GP agent username logging field window, and users have to clear the character to enter their username logging into GP.And this issue came after the upgrade of the Palo Alto global p...

GP.JPG

Resolved! Sectigo wildcard certificate problem for Globalprotect

Dear Community, I've recently purchased a wildcard certificate, that I intend to use it on our firewall for globalprotect. It is a single device, and gateway is configured as external gateway (it provides only vpn access from the external world). I've installed the certificate, without any issue, but CA is not ticked on that. Therefore I cannot ...

KovBal by L0 Member
  • 9833 Views
  • 6 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels