This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 270 Views
  • 0 replies
  • 1 Likes

Using unlicensed VM100.

I have a VM-100 on VMWare ESXi running 7.0.4 . The demo license has expired for VM.

Would I be able to us it for testing still ( not using any url,threat features). I am see speed issue from trust to untrust

and traffic just trickles.

FQDN jobs FAILED

Hi,

 

We have added several FQDN objects and its not working. If we run

 

update.symantec.com (Objectname update.symantec.com):

Not resolved

us.archive.ubuntu.com (Objectname us.archive.ubuntu.com):

Not used

xxxxxxx (Objectname HOST_xxxx13):

Not resolved

 

2017

...

Resolved! High number of logins to AD

Good day,

 

Is it normal for the account that the FW uses to get the user-id information from AD to have a high number of logins? Across our entire network, this account is over 90% of all of our successful logins. It just seems that this account is lo

...

Resolved! LAN users cannot reach GP users

Hi All,

 

I've one inquiry where the client used to have an issue where the GP users can reach the LAN users but not vice versa.

Users in LAN and GP are on the same zone (Trust) but only GP can ping the LAN.

 

The tunnel of the GP doesn't have an IP addre

...

How to disconnect remote users at a specific hour

Goodmorning,

I need to disconnect one or more users from Global Protect VPN at a specific hour.

I try to explain, I don't want that after 7pm the remote suppliers can work on my net. I can't use the scheduled policy rules becouse the sessions started b

...

FassaSRL by L1 Bithead
  • 6516 Views
  • 5 replies
  • 0 Likes

Resolved! URL Filtering Issue

Hi,

 

Without URL Filtering in the Security Profile of the policy, we can access vimeo.com but with URL filtering profile, getting error message below in IE, Chrome and also on the phone. No proxy used, no SSL decryption. This is happening to the categ

...

Error.png
DetailedLogView.png
Farzana by L4 Transporter
  • 3432 Views
  • 4 replies
  • 1 Likes

Source zone - source address

If you enter a specific source zone but any for the source address what traffic is really allowed? Does is only allow addresses that are listed in the specified zone or is it truly any IP address?

jdprovine by L4 Transporter
  • 4710 Views
  • 11 replies
  • 0 Likes

Feature Request - Security Profile policy

Hi,

 

One thing about configuring security profiles is that when I like to change a security profile, there are so many security rules to update with the correct profile. I know I can change the profile itself and all policies using that profile will b

...

mgusta by L2 Linker
  • 3518 Views
  • 3 replies
  • 0 Likes

Problem Global Protect Behind NAT

Hello I have the following scenario:

 

-PA-3020 Edge Firewall who provide as internet access

-PA-200 LAN Firewall behind PA-3020

 

We are triying to configure Global Protect access for GP-200.

 

-I have a fqdn for the portal and gateway access which resolve

...

AitorGD by L1 Bithead
  • 3525 Views
  • 1 replies
  • 0 Likes

Resolved! VPN Timeout

Anyone know if there is a way to setup GP VPN to notify the end user before their VPN connection times out? Any feedback will be greatly appreciated.

 

Thanks

tbpowers by L0 Member
  • 1998 Views
  • 1 replies
  • 0 Likes

Strange Behavior with SIP traffic related to ALG

I'm running into an issue where specific NAT and Security policy names or numbers change then the SIP traffic stops working. I found that if I clear the sessions post change then everything starts working again. I believe this is related to ALG, lik

...

  • 23634 Posts
  • 107 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks