General Topics
cancel
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

seattle-launch-live-community-r2b-1100x120.jpg
jdelio by Community Team Member
  • 433 Views
  • 1 replies
  • 4 Likes

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 18092 Views
  • 41 replies
  • 32 Likes

Service route destination option

What is the purpose of adding destination in service route?We have a default gateway in management interface config and we also have specific route in vr so why we need it?

hrsingh by L0 Member
  • 660 Views
  • 5 replies
  • 0 Likes

Resolved! How to block www.youtube.com completely

Dear All, Appreciate if you can advise how to block www.youtube.com completely. I have try using URL-Filtering and application layer level but still failed. I am using PA-3020 OS version 7.0.3 Imran

Error with PDF Reports

when i do a test email for the email profile it successfully delivers the email. however in my system logs I get this error. "failed to email pdf reports to #####@#####.com for email profile #####" any ideas?

alkajazz by L0 Member
  • 311 Views
  • 1 replies
  • 0 Likes

Resolved! arp not found

Yesterday I attempted to move our Internet connection from a copper interface on ethernet1/1 to fiber optic on ethernet 1/13 on a Palo Alto 3020. I ensured both interfaces were members of the same security zone and modified the Default route of defau...

Resolved! QOS & Aggregate Interfaces

Hello,In our QOS Aggregate Eth. Interfaces we cannot assign an egress value greater than 1000.(LACP Bundle is 2 x 1Gbit on eth4 + eth5)Why ?Do we throttle down throughput to 1 GBit/sec. in the Aggregate ?Shall we leave egress value in profile and Int...

rekuhn by L2 Linker
  • 644 Views
  • 1 replies
  • 0 Likes

Resolved! Application: Incomplete

Hi, Does anyone have a suggestion on how to create a rule to catch Application incomplete? Now that traffic hits the first policy that allows traffic on that service (port). And it clogs the logs when looking at that rule and what has passes through ...

mgusta by L2 Linker
  • 3964 Views
  • 7 replies
  • 0 Likes

Multi AD Account login - Captive Portal

Hi, Can we limit the login per account using Active Directory as an authentication profile at Palo Alto Captive Portal? I believe by default, you can login using a single AD account with multiple devices.

Slow download over decrypted TLS sessions?

I've noticed that downloads that occur over decrypted TLS sessions are incredibly slow since upgrading my PA-3050s to PAN-OS 6.1.x (now on version 6.1.12). Sometimes they don't even complete at all, either failing or just sitting forever. For example...

Resolved! Reduced bandwidth after 7.1.2 upgrade

After the upgrade to 7.1.2, I've notice that my bandwidth has reduced by 80% over a Metro E Gig connect. Any one else seen this problem or has a resolution for it?

ITICID by L1 Bithead
  • 1270 Views
  • 5 replies
  • 0 Likes

Resolved! GlobalProtect 3.0.2 setting VPN DNS on WiFi adapter

Hi, I'm having a single client, running Windows 10 Pro, that we're having issues with.When the user connects to their network at home, they are unable to connect to VPN, and it seems like the issues is caused by GlobalProtect setting the WiFi adapter...

as-mg by L3 Networker
  • 3167 Views
  • 8 replies
  • 0 Likes

Resolved! User based ssl decryption

Hi, I try to test ssl forward proxy decryption. It works fine if I use IP address as a source but if I use Users(domain) as a source it doesn't work. I can't use IP's for testing because our IP's floating. What I need to check in configuration? Toni

ToniE by L2 Linker
  • 1537 Views
  • 12 replies
  • 0 Likes

Resolved! RADIUS authentication: MS-CHAP v2?

Currently, my PA-3050 devices (PAN-OS 6.1.12) utilize RADIUS authentication. I know that this uses the completely unencrypted PAP protocol. I have asked PAN about MS-CHAP v2 support in the past and was told that the device must be placed into FIPS mo...