This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! File Blocking process

How does Palo Alto identify files, such as ".exe" when we have a rule set to block the download? What is the process that Palo Alto uses?

Global Protect connection windows

Guys,It's there a way to hide the windows of global protect if the user can't connect to the portal?.I need to do this super transparent to the user, now i'm installing the client with this settings:GlobalProtect.msi /quiet ENABLEADVANCEDVIEW="NO" SHOWAGENTICON="NO" CONNECT-METHOD="pre-logon" CANCHANGEPORTAL="NO" CANPROMPTUSERCREDENTIAL="NO" POR...

iphone voice over wifi not working????

I just upgraded from a 3000 series running 6.x to a 5220 running 8.0.4. The moment I did this, voice over wifi stopped working for iphones using T-mobile or AT&T. We can't test against Verizon because they won't default to wifi unless there is no cell coverage. I know that if I set a policy at the end of my rules for allowing everythin...

tyler by L1 Bithead
  • 3372 Views
  • 3 replies
  • 0 Likes

VPN problem with pptp and gre

Dear all, I use PAN500 replace linksys firewall. I have the problem with our client that use VPN client to dialup to internet VPN server device such as router. Our diagram looklike this.Client(window XP, with MS VPN client) --> PAN500 --> VPN server(router) I try to watch monitoring traffic. I found unusual traffic with detail : From p...

whois lookups

I am on OS 7.1.10 and my whois searches through the ACC never work for me, anyone else have this issue or a resolution to the issue

jdprovine by L4 Transporter
  • 4017 Views
  • 8 replies
  • 0 Likes

Deleting VPN from iOS device

Hi All, How do you remove Global Protect from settings an Iphone? Went into settings --> general --> then VPN. But not able to remove or delete the profile. Also checked in profile management and the VPN is not located there. Does anyone have a solution for this?

Custom URL Category in security rule - traffic log shows allowed with "any" in URL Category field

I've read the articles about the processes that take place when analyzing traffic and understand that sometimes there could be an allow status when it seems there shouldn't be. However it also seems that if the traffic truly shouldn't be allowed there would be an associated log entry with some kind of denial.In my case there is no associated de...

UrlCat.jpg
herrmoss by L2 Linker
  • 8105 Views
  • 12 replies
  • 0 Likes

Safe Search enforcement not work with Quic

On a rule with open the following service:- service-http- service-https- udp-443and with URL Filtering profile where is enabled Safe Search Enforcementif a user use Chrome, and set up Resctricted Mode = off in youtube site, he can see any type of video without any problem.If I remove udp-443 and force the Chrome failback on SSL/TLS, if set up Re...

VPN Issues (IPsec Xauth PSK) after Update to PAN OS 8.0

Good evening, We've had an issue since we upgraded our PaloAlto 500 to Palo Alto PAN OS 8.0 a couple weeks ago. If it helps we actually updated to PAN OS 7.1 and then 8.0; so not entirely sure if the problem occured at 7.1 first. Windows Global Protect clients work just fine connecting to VPN, however we had others who connected from iOS, Mac ...

a.deboer by L0 Member
  • 3764 Views
  • 2 replies
  • 0 Likes

Resolved! Response page in active-active mode

Hello,Would anybody knows how to have a response page for Captive Portal redirect mode, inactive-active mode (PAN v4.0.4) ?For example, through a loopback floating IP ?ThanksChristophe

Tap and Layer 3 mode

HI I have my PA's looking at TAP from my switches and also L3. My thought was to look at traffic that wasn't being routed. But I was thinking what happens to my TAP traffic if I have a policy that allow traffic from zone staff so a L3, but the PA also see the packet on the TAP interface, that policy will not apply and that packet will get caugh...

Global Protect Question

Hi I am having (a new ) issue with global protect. Now the support person is telling me GP is not setup to allow connection made from the client to the laptop (GP client). I'm a bit flabber gasted. But hey I could be wrong. The guys is suggesting I need GP satelitte Alex

Miner for STIX using API token

couldnt find the miner of STIX API Token type.Below is the sample request. Appreciate any pointers to an existing miner and connfig requirement / help to create new miner. POST /stixapi/recent HTTP/1.1Host: ncert.nlabs.orgContent-Type: application/x-www-form-urlencodedapi_token=MY_TOKEN_VALUE

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks