This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4228 Views
  • 0 replies
  • 0 Likes

Who vets External Dynamic Lists (EDLs)

The Knowledge article on blocking TOR, https://live.paloaltonetworks.com/t5/Featured-Articles/How-to-Block-Tor-The-Onion-Router/ta-p/177648, references a list on panwdbl.appspot.com. This website has a number of lists that can be used to filter traffic, including the list of TOR exit nodes. What process is used to ensure these lists are accurat...

Autofocus Minemeld Advantage vs wildfire?

My understanding is that wildfire autoupdates some URL categories within 5 minutes if you have the correct licensing. With a current wildfire/URL filtering subscription, and without traps on our network, what is the real advantage to autofocus? My understanding is that it lists malicious IP's/domains/URL's, but if you have wildfire updating, an...

Sec101 by L4 Transporter
  • 3895 Views
  • 5 replies
  • 0 Likes

RSA AM and PA Configurations

Want to know if anyone has configured a PA to use the RSA Authentication Manager yet? I have seen an RSA document from 2010 that states it can be done.

Resolved! Inter VLAN routing - best practices/suggestions

Hi guys, I've got about 7 or 8 VLANs that segregate my various departments. I want to inspect the traffic that goes from these VLANs to my server VLAN. What's the best way to do that? The only article I could find suggests creating a zone for each department. They are all currently configured as Layer3 subinterfaces on the same VR but this isn't...

Current Interface Config.JPG
Konos44 by L1 Bithead
  • 12878 Views
  • 5 replies
  • 0 Likes

Guest Access via Captive Portal - problem with page not always appearing

I have set up a guest wifi network with an access point on an ethernet port of the PAN firewall. The guest wifi network is unsecured. I am using a web-form to ensure the guests see our logo, terms, and type in the correct password to proceed.The setup works most of the time. On occasion when using this setup via an Apple iOS device (iPhone, i...

cenders by L3 Networker
  • 20795 Views
  • 17 replies
  • 0 Likes

Captive Portal - Terms of Service

I would like to configure my PA-200 in such a way that when the user tries to browse a web site, he is presented with the captive portal. On this page I would like to display a "Terms of Service" banner telling him about acceptable use etc. I do NOT wish to authenticate individual users.A simpe banner and an I Accept/Cancel button would suffice....

u13001 by Not applicable
  • 22888 Views
  • 36 replies
  • 2 Likes

Captive Portal NTLM and responce page

Hello Today I configured for one of my zone insted of default-web-form default-browser-challenge.When I try to open new session on computer that isnt a Windwos AD machine i got:and when I clicked Cancel: I'm pretty sure that above message is possible to translate/personalse. Unfortunetelly in Responce Pages I can't find that option. Is is possib...

2018-06-20_203000.jpg
2018-06-20_203012.jpg
_slv_ by L4 Transporter
  • 3921 Views
  • 2 replies
  • 0 Likes

limitation when monitoring uptime with snmp

Hello Community. I have an inquiry with which maybe you can help me. This is the situation: In order to know the uptime I´m using the OID 1.3.6.1.2.1.25.1.1.0 to get the value of object hrSystemUptime. This is a counter of 32 bits and considering it´s counting in hundreds of seconds, the maximum uptime without overflow is: 2^32 = 4294967296 (hun...

Carracido by L4 Transporter
  • 5277 Views
  • 4 replies
  • 0 Likes

panMgmtPanorama2Connected custom poller = Not-Connected

can someone tell me how can we troubleshoot palo alto firewall disconnection from Panorama. I tried to check system logs but there are no enough logs to troubleshoot it. logsFW has lost connection to panorama, no log will be forwardedDisconnected from Panorama Server: X.X.X.X. , source: Y.Y.Y.YUser-ID server monitor <hostname>(vsys1): con...

SSL Forward Proxy Decryption with ECDSA Cert?

Just wondering if it's possible to use an Elliptical Curve DSA cert with CA and Trusted Root to be the Forward Trust Certificate for the SSL Forward Proxy decryption feature? Reading about the Perfect Forward Secrecy feature here:https://www.paloaltonetworks.com/documentation/71/pan-os/newfeaturesguide/decryption-features/perfect-forward-secrec...

jsalmans by L4 Transporter
  • 4830 Views
  • 2 replies
  • 0 Likes

user-ID user mapping problems

Our PA 4.1 has problems mapping entries received from user-ID agent and LDAP queries.show user ip-user-mapping command produces following output:192.168.1.1 AD grybai\vltr12345678 Here grybai is our NetBIOS domain name for domain and vltr12345678 is sAMAccountName attribute of user object in LDAP.However command show user user-IDs (which...

SimasK by Not applicable
  • 3883 Views
  • 3 replies
  • 0 Likes

Resolved! Please suggest about mac-address control

Hi expert , I would like to know about suggest mac-control because my customer use Fortinet which use device control and I will replace and migrate to Palo-alto if that possible about control this thing . Thank you

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks