This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 776 Views
  • 0 replies
  • 0 Likes

Firewall working as proxy for mail server

I have customer using TMG holding public ssl certificate for mail . The mail server doesnt have ssl certifcate.

Customer wants to eliminate TMG and using palo. Can palo hold the cert to authenticate the ssl . Mail server

sits behind the palo in trust z

...

Global Protect - two portals same firewall

Hello all,

 

Here is my question. Can I configure on the same firewall one global protect profile to only authenticate users based on certificates and a separate profile to authenticate users based on their AD credentials?

 

Currently I have authenticati

...

Community Expert Verified
Community Expert Verified

Resolved! Global Protect with multiple portals

Is it possible to have more than 1 Global Protect portal and gateway on a single appliance?  We use tunnel all mode with a route of 0.0.0.0/0 for all of our users.  However today a vendors need access but want to use their own systems at the same tim

...

nthen by L3 Networker
  • 7879 Views
  • 4 replies
  • 2 Likes

OCSP App-ID fail

Hello,

is anyone using ocsp as single app in a rule ? It's sometimes failing to match, seen as "web-browsing" although on very easy to recognize URLs such as ocsp.comodoca.com. Quite annoying when you debug a third-party software failing to setup beca

...

Resolved! Minemeld missing new O365 web

Hi,

 

We have installed PA with Minemeld. Everything is working fine but sometimes we can not access to any function in O365 online (for example "to create a new word cocument"), so we go to PA and we see that in URL logs that PA is blocking this web

...

Resolved! Query on URL filtering

Hello,

 

We are using this Security Policy:

Source->Inside, User->any, Destination->any, Application->any, Service/URL category->any, Action->allow.

We are using Group Profile under Profile Setting with a URL Filtering Profile 'test-URL'.

In this URL Filt

...

Farzana by L4 Transporter
  • 3126 Views
  • 2 replies
  • 0 Likes

QoS statistics Graphic monitoring Issue

Hello,

 

Using PAN-OS 6.1.17.

 

At first, Bandwidth graph was not showing in both Chrome and IE. The only change I made was adding all the classes into the QOS profile. The classes that were in use by QOS were already showing up in the other statistics t

...

Farzana by L4 Transporter
  • 3484 Views
  • 4 replies
  • 0 Likes

When are we getting a GlobalProtect Client for Linux

Hey guys,

 

I already know how to get my Linux clients (Ubuntu) to connect via xAuth, and it works great. However, I've been tasked with implementing MFA to the VPN infrastructure. Works fine for the Windows/Mac clients using the GlobalProtect Client.

...

Resolved! Failover methods Manual vs Link Down (traffic loss)

There are few triggers that could cause a failover in HA cluster.

I'm interested to understand the difference between manual (graceful) and a hard failover like Link Down. 

In a matter of network traffic loss, is there a difference between Link monitor

...

Trustnet by L1 Bithead
  • 8414 Views
  • 10 replies
  • 1 Likes

Active | Active Dual WAN

Can someone tell me what the supported configurations are for an active | active dual wan configuration in regard to physical wiring.

 

Can I have one ISP connected to one Palo and the other ISP on another Palo or do I need both connected to both, run

...

Question about redundent paths with IPSEC Tunnels.

I have a HA-pair of 3050s in my corp office with an single existing IPSEC tunnel to a remote office on a 200.

 

The remote office has very poor reliability on it's existing connection and the local ISP has provided them with a backup satcom link they c

...

Resolved! GlobalProtect and AD group restriction

Hi,

I'm setting up GlobalProtect, which works just fine.  Now I want to restrict GlobalProtect access to only 1 AD group.  I created a separate GP authentication profile with my ssl_vpn AD group in the allow list, but as soon as I commit that allow li

...

fcremer by Not applicable
  • 18127 Views
  • 9 replies
  • 0 Likes

GlobalProtect connects but cannot get IPv4 address

Hi, New to the forum here and my searches didn't reveal an answer. I am using GlobalProtect 3.0.0-74 (what the client gave me) and it connects just fine, but I am unable to see the machines I need to(ping requests time out). Running ipconfig shows I

...

bhaxel by L1 Bithead
  • 4828 Views
  • 6 replies
  • 0 Likes
  • 23985 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks