General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 436 Views
  • 0 replies
  • 2 Likes

Resolved! Selection of the GlobalProtect portal by users

Hi !

 

We would like to install 2 GlobalProtect portals:

- one for the connection to the internal network since the outside with a VPN by using the GlobalProtect client ;

- one for the connection to the internal network with the GlobalProtect client, in

...

Palo Alto with Silver Peak SD-WAN

Hi all,

 

Has anyone done a Silver Peak SD-WAN solution with Palo Alto Firewall ? if so, do you mind share the physical layout ? and how you handle redundancy ?

 

I am working on a Silver Peak SD-WAN solution with Palo Alto firewall. The internet circuit

...

datran by L0 Member
  • 2241 Views
  • 2 replies
  • 0 Likes

Resolved! wildcard bitmasks

Will pan os support use of wildcard bitmasks in address objects in future as cisco ASA does.

For example aal devices in in the 10.6.0.0/16 supernet ending on .12

10.6.0.12 0.0.255.0. This will eliminatie a lot of entires in object address groups.

Resolved! Global protect VPN disconnecting multiple times

Hi,

Im facing issue with connecting to GP VPN, unfortunatly im the one who is having issue.

VPN works fine on other cmputer but having issue with my computer

below are the error msg i got during the VPN disconnect time

 

(T10836) 04/11/17 18:51:28:501 Deb

...

Resolved! Search rules based on Source Zone

Hi,

 

If anyone can help me. Is there a way that i could filter all Security rules just based on the source Zone ?

 

For example just show me Security Rules from Source Zone x ( and i need to see what rule corespondes to that zone)

 

 

Thanks

 

Alban

Resolved! TAP:Specifying external interface

I'm working on a home lab, have an ESXi server with some UTM VMs running and I'd like to give them something interesting to look at. 

 

Following the online documentation (both in support and this: https://live.paloaltonetworks.com/t5/Configuration-Art

...

Resolved! Issue allowing port 2463

I'm trying to allow port 2463 (lsi-raid-management) traffic from my untrust zone to one of my vlan zones. I have added it to an application group and added a policy for traffic between my untrust zone and vlan zone with that application group. Every

...

tglear by L1 Bithead
  • 5120 Views
  • 12 replies
  • 0 Likes

Resolved! Google Play Store Problem

Dear Members,

Am here a new member, please I wish to know how to block only the google play store.If I try to block only that with google base application, other traffics also blocked.Let me know how to block only google play store.

Regards,

RKV

Resolved! Multiple Response Pages

Does anyone know of a way to make multiple response pages for different user groups. Specifically the URL Filtering and Category Match Block Page? 

Essentially what I'm trying to do is create two different responses; one that will tell you your reque

...

BPry by Cyber Elite
  • 8000 Views
  • 8 replies
  • 0 Likes

palo alto firewall insufficent data in traffic Logs

I see lots of enteires in regards to Insufficient-Data but  how does one go by troublshooting them? I understand the definition btu is Packet capture the only way to get reason for it? Considering I have a any port any service rule I wouldnt expect t

...

Resolved! How to check drops on PA-500 due to performance limits

Hello!

 

Is there way to check session/packet drops on PA-500 due to performance limitaions?

 

Scenaro:

There is PA-500 appliance, that provide internet access to +2000 users with agentless integration with AD.

 

Management CPU average load is about 70-100

...

SSL Decrypt Problem with Chrome

Hello all,

 

 

We are having some problems with SSL Decrypt with Chrome. When we try to connect to some pages appears certificate error that I attached.

 

I have PanOS 7.1.8 and only occurred this with Chrome. Know somebody how I can fix this problem ?

 

Ki

...

error.png
SOC_CSG by L4 Transporter
  • 4486 Views
  • 5 replies
  • 0 Likes
  • 23699 Posts
  • 110 Subscriptions
Top Solution Authors
Labels