This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4445 Views
  • 0 replies
  • 0 Likes

Decryption with Wildcard SSL-certificate?

Does Palo Alto support decryption with Wildcard SSL-cert?Ref.:In order to determine if a connection needs to be decrypted or not, the firewall relies on the (CN) common name configured within the certificate and compares that to the security policy. ( https://live.paloaltonetworks.com/t5/Management-Articles/SSL-Decryption-Rules-Not-Matching-FQDN...

pivvre by L2 Linker
  • 12458 Views
  • 12 replies
  • 0 Likes

Global Protect Auto Start

We are looking into adding Global Protect as part of our deployment of newly reimaged computers. Within my company's work environment, we want Global Protect to start up only when the user clicks on the shortcut icon for the application. We do not want to have it auto start upon restarting the computer. Is there a way to disable this feature so ...

Resolved! Security Policy - with Service\URL category configuration

I have a Security policy rule configured as below1.source and destination any2. User - any3. Application - Any4. Service ports open for http5. Url category allowing access to custom created URL category in which only search engines google and bing's URL is defined6. Action - Allow7. Profile - NillNote that the URL category is configured in Servi...

krdeepu by L0 Member
  • 5252 Views
  • 1 replies
  • 0 Likes

name that security profile

I am looking for a more descriptive name for my security profile ? I have vulnerablity protection, anit-virus, anti-spyware and wildfire included on the profile that I have added to a majority of my rule. currently it is name All PE alert

jdprovine by L4 Transporter
  • 5578 Views
  • 13 replies
  • 0 Likes

Force what Global Protect Portal to use

Hello, Our users will have 2 Global Protect Portals to choose from. The users sometimes log in to windows with a smart-card and sometimes with a normal AD-account (Username and password). Not sure if it's possible but can we force what portal they connect to based on what account they log in on? Theres one portal for smart-card users and one fo...

xen-pv by L1 Bithead
  • 3260 Views
  • 4 replies
  • 0 Likes

Probably a strange question...but Linksys RV082 and PA VPN tunnel anyone?

HI Been trying to get a VPN tunnel working between a Linksys Rv082 and Palo Alto. (dont ask...) But no luck in the testing, i based my PA config on the Linksys Rv082 settings, wich i got from the person that is on the other end, but so far - no success. Anybody tried this before ?I would appreciate any experiance or pointers. i provided a link...

Resolved! Captive Portal errors

Hello Early today the captive portal stopped working and UserID didn't get any user mappings. Users couldn't be able to login by SSO or captive portal. After some investigation, we restarted the l3-service and it come back working. The l3svc_ngx_error.log show us this errors: Error: pan_parse_bc_params(panos_addons/pan_l3svc_utils.c:2294): inval...

Monitor multiple IPs in a PBF rule?

Running 8.0.x on our PA-3020 and PA-220 systems. In our virtual routers, we can path monitor with multiple IP addresses and take action on AND or OR conditions, but PBF still seems to be limited to a single IP. I'd love to be able to monitor multiple IPs in a PBF rule. Is this possible, is it coming, or is there a workaround? Thanks! Jordan

uvdes by L2 Linker
  • 3214 Views
  • 2 replies
  • 0 Likes

Resolved! Two firewalls, identical rules, different behaviour

As far as I've been able to determine, the configuration for the two firewalls (PA-500s) are identical (with different IPs/subnets obviously), but the way they handle blocked connections is very different. On one firewall, a telnet to a blocked port just hangs until it eventually times out and the connection is dropped. On the other firewall, a ...

fjwcash by L4 Transporter
  • 7362 Views
  • 4 replies
  • 0 Likes

Resolved! SSL cert mgt-Chrome issues

I generated and imported ssl certificate for secure management. I also made sure the CA is on the local machine. I have no issues with Firefox or IE but on chrome, it shows me cert r=error for mgt interface. Did anyone face this before? please offer me a solution if so. Thanks.

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks