General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 272 Views
  • 0 replies
  • 1 Likes

Palo Alto Forward Proxy?

We presently leverage a fwd-proxy solution that a selection of hosts (2000-3000) on various networks pass through in order for us to funnel them to a few IP's and enforce a more STRICT URL policy at the perimeter. The hosts are managed through GPO.

 

M

...

Web Advertisement URL Filtering

I have enabled URL filtering to block web advertisements, but it looks really bad cosmetically on the users end when they get to a web site where the advertisement should be there is big texted block page. Anyway we can eliminate the block page for w

...

Using file blocking and wildfire profiles together

Hi Guys,

 

Please can someone explain me why we would use the file blocking profile as well as the wildfire profile on the same security rule.

What i understand is that once the file is blocked then no need to send it for the wildfire analysis..Please c

...

mahmoodm by L3 Networker
  • 6569 Views
  • 15 replies
  • 0 Likes

Resolved! Ports required to register and activate Panorama

Hi folks

Just sanity check required here, make sure i'm not missing something.

with regards to:

  

updates.paloaltonetworks.com

 

Can I please ask community to confirm only Port 443 is required, as I currently have FW blocking Panorama registrastion proces

...

nawaza by L2 Linker
  • 2359 Views
  • 2 replies
  • 0 Likes

Enable Multicast IGMP proxy

Hi all,

 

I've a PA-3020 and i'm trying to configure multicast between 4 zones.

All zones are directly connected to the PA.

ZoneA -> There are all my HDMI - WIFI adapter (Airtame)

ZoneB -> Users B

ZoneC -> Users C

ZoneD -> Guests

 

When an user is in ZoneB, o

...

Resolved! Global Protect Client and KRACK WPA2 exploit

Will the GP VPN client provide encryption for WPA2 sessions comprimised by the recent KRACK method?

 

Does that cover all the OS varients - Win, Mac, IoS, android?

 

I realize that only covers traffic routed back to the firewall.

NeilR by L2 Linker
  • 2542 Views
  • 1 replies
  • 0 Likes

ALG (Application Layer Gateway) and Oracle

Hi,

 

I've an application who has to query an Oracle database to get information from it. There is a PaloAlto firewall between my application and the DB. 

I actually reach the database, but I can't collect the information that I need. Making a quick tcp

...

Block Cyberghost IPs

I see a lot of threat (thousands in a few minutes) to one of my webservers from IP 176.10.115.140.

This IP belongs to cyberghost, so probably someone used this to hide his own IP and attack our webserver.

Is there a way to block this traffic (before th

...

Sjoerd by L2 Linker
  • 3117 Views
  • 2 replies
  • 0 Likes

Archive of Release Notes for Dynamic Updates?

Hi all,

 

Is there an archive of release notes for dyanmic updates?  I've just discovered that a firewall I inherited has a very old version of the Application version.  I'd like to determine just how old it is (so I know how much chaos I'm going to ca

...

Resolved! WOL and two subinterfaces - problem

Hello

 

I have two subinterfaces ethernet1/4.10 (192.168.1.0/24) and ethernet 1/4.20 (192.168.20.0/24) in the same security zone.

 

What I need to set up to allow to wake up computers using Wake On Lan function on 192.168.20.0/24 from ie. 192.168.1.100 ?

...

_slv_ by L4 Transporter
  • 7947 Views
  • 10 replies
  • 0 Likes

Create a rule

Hi,

is there a way to create a rule like this?

if

( session_end_reason eq aged-out ) and ( zone.dst eq SERVER ) and ( app eq incomplete ) and ( rule eq MY OUTSIDE RULE ) and ( bytes eq 308 )

block the IP for 300 seconds

s_quasar by L3 Networker
  • 2172 Views
  • 3 replies
  • 0 Likes

Resolved! Global Protect Agent Compatability

This is probably a relatively simple question and I think I know the answer but would like to confirm with the wider community.

 

We currently have Global Protect Client 3.1.1 active on our Firewalls. We are looking to go up to the 4.0.x branch of the

...

Panorama License Upgrade

I am currently running Panorama with a 25 device license limit, and I have purchased and need to upgrade to the 100 device limit. It seems the auth code for the 100 licenses is the same as the auth code for the 25 licenses.

When I go to Panorama, Lice

...

  • 23638 Posts
  • 107 Subscriptions
Top Liked Authors
Labels