General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Global Protect Auto Start

We are looking into adding Global Protect as part of our deployment of newly reimaged computers. Within my company's work environment, we want Global Protect to start up only when the user clicks on the shortcut icon for the application. We do not wa

...

Resolved! Security Policy - with Service\URL category configuration

 I have a Security policy rule configured as below

1.source and destination any

2. User - any

3. Application - Any

4. Service ports open for http

5. Url category allowing access to custom created URL category in which only search engines google and bing's

...

krdeepu by L0 Member
  • 2467 Views
  • 1 replies
  • 0 Likes

Force remove Devices from Panorama

I'm taking over a Panorama from someone else and there are a lot of devices in it that are no longer connected, all showing as disconnected. They were all migrated over to a new Panorama without properly removing them from this one.

When I try to remo

...

name that security profile

I am looking for a more descriptive name for my security profile ? I have vulnerablity protection, anit-virus, anti-spyware and wildfire included on the profile that I have added to a majority of my rule. currently it is name All PE alert

jdprovine by L4 Transporter
  • 1807 Views
  • 13 replies
  • 0 Likes

Force what Global Protect Portal to use

Hello,

 

Our users will have 2 Global Protect Portals to choose from.

 

 

The users sometimes log in to windows with a smart-card and sometimes with a normal AD-account (Username and password).

 

Not sure if it's possible but can we force what portal they c

...

xen-pv by L1 Bithead
  • 1341 Views
  • 4 replies
  • 0 Likes

Resolved! Captive Portal errors

Hello

 

Early today the captive portal stopped working and UserID didn't get any user mappings. Users couldn't be able to login by SSO or captive portal. After some investigation, we restarted the l3-service and it come back working.

 

The l3svc_ngx_erro

...

brute force rdp 40021 signature

Hi,

 

anyone knows why this is not working ? ( vulnerability signature - 40021)

tried many rdp attemps but cannot trigger 40021 although selected very low number.

 

 

https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Articles/Brute-Force-Signature-

...

PanIst by L3 Networker
  • 971 Views
  • 0 replies
  • 0 Likes

Monitor multiple IPs in a PBF rule?

Running 8.0.x on our PA-3020 and PA-220 systems. 

 

In our virtual routers, we can path monitor with multiple IP addresses and take action on AND or OR conditions, but PBF still seems to be limited to a single IP. I'd love to be able to monitor multipl

...

uvdes by L2 Linker
  • 1297 Views
  • 2 replies
  • 0 Likes

Resolved! Two firewalls, identical rules, different behaviour

As far as I've been able to determine, the configuration for the two firewalls (PA-500s) are identical (with different IPs/subnets obviously), but the way they handle blocked connections is very different.

 

On one firewall, a telnet to a blocked port

...

fjwcash by L4 Transporter
  • 2562 Views
  • 4 replies
  • 0 Likes
Top Solution Authors
Top Liked Authors