This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

SSL Decryption Time Suck

Has anyone else noticed a high level of effort required to support SSL Decryption on the PA's? We have this feature activated on a few clusters and this seems to be one of the most time intensive efforts to support with weekly (if not daily) SSL Decryption bypasses for various websites.

Resolved! HTTPS response web without SSL-decrypt

Hi, We try to access to several web blocled by URL. The response web is not being showed. I think this cause is that we dont have ssl-decrypt. Thats right? Anyway we have another web that the web response is whowe using https. WE dont have any ssl-decrypt. I would like to have a strong explanation. Thanks a lot.

Customize Global Protect Pages?

We're rolling out Global Protect and would like to customize a few look and feel items - looking for any advise on how (if at all) this can be done Is it possible to customize the login page to change "name" to "e-mail address" ? Can the software download page on the GP Portal be customized at all? Thanks.

didolgi by L0 Member
  • 1947 Views
  • 1 replies
  • 0 Likes

Resolved! Adding Virtual Systems (VSYS) to production PA-3020

I have run out of Zones on my PA-3020 and can't justify purchasing a 5020 so I am exploring the addition of VSYS license on the 3020.What am I going to be getting myself into if I need to go this route and add the VSYS licensing? Will it break my existiing config, require a migration of some sort or require a major reconfiguration of everything?...

Anyone have a good list of Azure IP addresses?

Our developers have websites in the Azure cloud, which make calls in to servers internal to our network. I am trying to keep a limit to what Azure IP addresses I allow access in, but it becomes a game of whack-a-mole each time the IP changes and I have to add it to a rule. Does anyone have a list of what Azure ranges are and where they are located?

Limited Role to disable GP

We are using GP in an always on state. From time to time our users need to disable it to user another VPN or when things just aren't working. I would like to be able to allow our help desk to log in to our firewall and only be able to go to Network - Portals and Generate Ticket option. This way a user calls in, they log in and generate the key...

URL category determined from browser?

I had a website that was mis-categorized and put in a request to have it recategorized. It changed in the next PAN-DB update within the hour, and I was able to confirm that the site was showing the proper category now. I could see the new category being used when I looked at traffic from my machine to that site, but when the original user tried,...

OpenPhish Feed False Positives 10/07/17 Around 04:00 EDT

We have a URL EDL setup using the OpenPhish miner that comes with Minemeld (openphish.feed miner) that a deny rule is matching against. We have never had any issues with it blocking legitimate URL's but a few days ago the deny rule that matches against the OpenPhish EDL started blocking legitimate sites such as www.youtube.com, www.dell.com, w...

Agentless User-ID Connection to Active Directory Servers give me timout connection error

Helloplz help me in this problem, Agentless User-ID Connection to Active Directory Servers give me timout connection error, how i can fix this ?i'm using server 2012i already followed this link steps : https://live.paloaltonetworks.com/t5/Management-Articles/Agentless-User-ID-Connection-to-Active-Directory-Servers/ta-p/52041but with no result

user-agent.jpg

Captive portal issue

hi -captive portal is configure for the users -on iphone it is working fine -for andriod versions i.e it is not poping up the page-Sign-in to wifi Pop Up is not coming on android 6.0.1, android 5.0, android 4.4.2-Intermittent connection on mobile applications like facebook messenger and Facebook on random mobile devices despite the "allow all" p...

Rameshwar by L3 Networker
  • 5647 Views
  • 10 replies
  • 0 Likes

Resolved! Separating Inbound and Outbound indicators

I created a miner based on Unit42 tag search. I was trying to see how many inbound and outbound indicators it has, so I added two processors (Prototype: stdlib.aggregatorIPv4Inbound & stdlib.aggregatorIPv4Outbound) and connected to output nodes. Somehow I see the same number (227) of indicators for both. Is this expected or a bug? Please a...

How to determine DoS Alert, Activate and Max thresholds (Packets/second) from PaloAlto firewall.

Hi, We have implemented the PaloAlto firewall through which traffic is passing without any issues. Now we want to enable DoS protection and we assume that the current traffic passing through firewall is legetimate. I need your help to understand and obtain the below values.How to get packets per second value for the traffic entering the particul...

Gururaj by L4 Transporter
  • 3123 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks