This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4142 Views
  • 0 replies
  • 0 Likes

Global Protect Next TokenCode Mode

Hi all, Just wondering what I am missing in terms of getting the GlobalProtect Portal and Gateway to show next token prompts etc.I have a fairly straightforward ISE RADIUS setup that talks to RSA AM. The authentication and authorization works except when next tokencode mode is invoked as no prompts are seen to indicate the next token is required...

Presales question: External IP address assigned through DHCP and /29 routed to this IP, possible?

Hi all, I am considering to replace my Cisco ASA 5505 by a PA-220.My situation is as follows:The external interface is part of a trunk where internet connectivity is delivered on a specific VLAN.The IP address on the external interface is assigned by DHCP which unfortunately is mandatory.A public /29 subnet is routed to that DHCP assigned IP add...

HaVaNL by L0 Member
  • 2860 Views
  • 1 replies
  • 0 Likes

BGP - TCP/179

Hello Folks, I have a simple BGP question. I'm going to be creating a BGP peer between a Palo Alto firewall and a Cisco router. Do I need to create a security policy allowing TCP/179 between my Palo Alto firewall and the router. They are directly connected. I cant find any examples of that.... so hopeing some can advise.thank you.

Jedi_D by L2 Linker
  • 3587 Views
  • 1 replies
  • 0 Likes

Resolved! NAT - with URL for NAT policy

Hello Folks, I need some advice .... I want to create a NAT rule to allow traffic to NOT be NATTED if it is going to a particular website. e.g. if going to www.paloaltonetworks.com then dont NAT. Is it possible to use URL objects for in a NAT policy?? Please could someone suggest how this can be done, or send me some useful links for doing this...

Jedi_D by L2 Linker
  • 7223 Views
  • 6 replies
  • 0 Likes

Resolved! Proxy ID for IPSEC traffic going to Internet

We have IPSEC tunnel working fine with vendor device. Vendor Lan subnet is 192.168.80.xOur lan subnet is 10.10.x.x Proxy ID on PA is Local Remote 10.10.x.x 192.168.80.x Also Vendor has another Lan subnet 192.168.81.x that need to talk to internet IP say 23.x.x.xThis traffic need...

MP18 by Cyber Elite
  • 9007 Views
  • 8 replies
  • 0 Likes

Dual ISP with RIP

Dear Friends ! i am running RIP in entire Network with Dual ISPthe problem is that when 1 network part want to communicates with other part PBR just forward thier packets to Internethow can i solved this issue to prefere routing table first and forward the packet to internet then

Resolved! application any and service application default in policy

I have a Internet policy that permits application "any" with service "application-default". I just discovered that we can no longer use Ookla Speedtest since turning on the "application-default" service. Has anyone else experienced this and could you share how you resolved it? Thanks.

Trying to setup a virtual lab using VMWare Workstation

I am taking some Palo Alto Firewall training from CBTNuggets, in prepartion for the ACE Exam, I don't have enough spare equipment to setup a live lab, so I am trying to setup a virtual lab like they show in the CBTNuggets training. One of the steps they sugget using VMWare Workstation, which I have downloaded. There is a step tp use a PA-VM-ES...

TCGuy by L0 Member
  • 6300 Views
  • 4 replies
  • 0 Likes

URL Redirect

Hi, is it possible to redirect f.e. www.bing.com to www.google.com via Palo Alto. If yes, how can i do that? Thx

Resolved! Marking non voice traffic as EF in PA-220

I have a vpn tunnel & clients on the internal network need to initiate connections to a server on the other side (egress traffic). The max upload speed of the broadband circuit is 5 megs which is always at max utilization. Is there a way to mark traffic that is only best effort DSCP and change the value to EF 46 when crosses the Egress int...

Capture.PNG

Firewall integration with other sandbox.

Colleagues, good afternoon. There was a question about integrating a firewall with third-party sandboxes to send files for review, such as cuckoosandbox or checkpoint, is there such an opportunity and where can I find documentation or information about similar experiences?

ColaNet by L1 Bithead
  • 8394 Views
  • 8 replies
  • 0 Likes

Resolved! Jump in Suspicious HTTP Evasion Found and Suspicious TLS Evasion notifications

Recently I have noticed a jump in detections of Suspicious HTTP Evasion Found and Suspicious TLS Evasion Found going to genuine website such as eBay, Amazon, Apple etc. The firewall is setup as a DNS proxy that forwards on to PiHole and then out to a public DNS and as far as I can see I have nothing setup incorrectly. Does anyone here have any ...

Jrice01 by L1 Bithead
  • 17011 Views
  • 6 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks