This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 2060 Views
  • 0 replies
  • 0 Likes

Global Protect pass OpenVPN traffic?

We have deployed GP full tunnel VPN across the enterprise. We have some departments using OpenVPN, 

My question is why can't users use OpenVPN without having to disable GP first. 

 

 

thanks,

URL Filtering Response Page

Hi All,

 

I have created a custom response page for a vsys but I need two of these within a VYS so they are served depending on the source IP address.

 

Example, if user comes from within 10.10.10.0/24 I want to serve a response page with policy details

...

a.jones by L3 Networker
  • 2381 Views
  • 2 replies
  • 0 Likes

Security Policy Actions- Vulnerability

Dear All,
 
Kindly help me understand below query - 
 
We would like to configure Security Policy Action "Block IP" for Critical, High and Medium level Vulnerability signatures for 3600 sec. As per understanding traffic from source-destination pair; Conf
...

Resolved! Global Protect Windows 10 issues

Hi folks.

 

I'm running into an annoying issue with some Windows 10 workstations and Global Protect.

 

Global protect will install, and run for an unspecified (and variable) time on a given workstation. Connected, working, no problems.

 

After some period

...

darren_g by L4 Transporter
  • 19395 Views
  • 2 replies
  • 0 Likes

Resolved! Implicit Applications with cotp/ms-rdp in security policies

Hello everyone,

 

Been testing some PA firewall functionality and noticed that ms-rdp has the implicit use of "cotp" defined, but the cotp application matches to a rule further down the policy list. When I review the logs, it looks like this

 

Am I misun

...

PAFWRDPCOTP.PNG
MathewRD by L0 Member
  • 7098 Views
  • 1 replies
  • 0 Likes

Up gradation of PANOS 8.0 to 8.1

We have PA-820 deployed in Active-Passive HA mode running PANOS 8.0. Today i received a notification that PANOS 8.0 will be End of Life on 31st Oct 2019. Hence I have to upgrade the PANOS of both firewalls, preemption is enabled on both firewall. Ple

...

Resolved! RADIUS MFA Enrollment Message

I have successfully deployed MFA for my Global Protect users using PingID. Using RADIUS and LDAP I am able to have a user challenged every time they want to fire up the Global Protect gateway. However, this functionality only happens when a user has

...

Resolved! IPS Running Active/Active after reboot.

I upgraded a few pair of IPS/IDS devices last night and ran into an odd issue I haven't seen when upgrading other devices before. They run, typically, in Active/Passive mode, so when I upgrade I suspend one, upgrade, reboot, unsuspend it, and then re

...

Destination NAT with Port Range

Hi !

 

We are trying to configure Destination NAT rule for a VC device on Palo Alto 820 NGFW. we need to allow range of TCP ports(Ex:3000-3050) but we could not find the option to configure the port range under the translated tab. find the below requir

...

Tulasi by L0 Member
  • 5949 Views
  • 1 replies
  • 0 Likes

log to Kiwi Syslog

Hi,

I've configured all the necessary in my PA-500 but I can't view logs Kiwi Syslog v8 in my PC. Is there some special configuration I missed? I've configured the firewall for UDP sessions. I've some DMZ configured, maybe I forgot to open some ports?

s_quasar by L3 Networker
  • 7669 Views
  • 5 replies
  • 0 Likes
  • 24231 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks