This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

URL Filtering of Active Sync

HelloThere is some problem concerning url filtering of Active Sync.we create url rule which must allow Active Sync but it doesnt work.we exclude this rule it is working.is there any particular configuration about Active Sync?

Radmin_85 by L4 Transporter
  • 2136 Views
  • 1 replies
  • 0 Likes

Resolved! Palo Alto global Protect setup issue

Hi All,I'm currently trying to set up an SSL VPN using the global protect client on a Palo Alto FW.I have:-- issue a self signed root CA and CA to the palo- set up VPN tunnel- created VPN zone- setup an authentication profile using RADIUS and directed it to our NPS server which currently policy to allow access to an AD group "VPN Users"which i a...

Resolved! Response pages not always presented to users

My response pages work when users attempt to browse to a blocked category but when the blocked item is buried within the page users just get a blank screen until the connection times out. Any ideas or suggestions would be greatly appreciated!Thanks!

sturek by L0 Member
  • 3398 Views
  • 3 replies
  • 0 Likes

Zone Protection Profile - testing

I've setup a Zone Protection network profile and applied it to our DMZ zone. I changed the default for port scan on the Reconaissance Protection tab to 30 events in 3 seconds. TCP port scan is enabled, and the action is set to block-IP. I run a test by scanning a host in the DMZ, 10,000 ports in 166 sec. That's a rate of ~ 60 port / sec, and ...

URL Filtering - Chrome Device Client

Long time Palo user.We use the URL filtering add-on. Anyone know if Palo plans on making an extension for Chrome devices? Every other URL filter has this already, and we may have to move off Palo to get this functionality. Thanks.Dannon

dannon by L3 Networker
  • 2197 Views
  • 1 replies
  • 0 Likes

Resolved! How to Replace a Managed Device (PA-3020) with a New Device (PA-850)

Hi Guys, I am trying to replace a PA-3020 fierwall with a new Device (PA-850) could someone maybe give me some Hints with the best Practice?if the devices were of the same time it would have been pretty straigth-forward according to some docs released by PA.The old PA-3020 (HA) is managed by panorama so the new device would also be managed by th...

big_Gilo by L2 Linker
  • 4765 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Authentication with both Active Directory and local accounts

Hello, I'm deploying a GlobalProtect VPN and I'm facing a problem in the Authentication. I have both LDAP and Local authentication profile that are configured and I want to be able to connect with either an account in the Active Directory or the local database. The problem is in the Gateway configuration, in the Authentication tab, I put both of...

Naelwan by L1 Bithead
  • 7205 Views
  • 3 replies
  • 0 Likes

I can reach a subnet trough a tunnel without proxy ID

Hello Community, I´m having a strange behavior after configuring an IPSec tunnel, the situation is that I can ping a subnet trough the tunnel which hasn´t a proxy ID. This subnet has an entry in the virtual router and the tunnel interface points to it, there´s also asecurity policy which allows this traffic but as far as I know if this subnet ha...

Carracido by L4 Transporter
  • 6021 Views
  • 11 replies
  • 0 Likes

Advertise 10.10.10.0/24 via BGP

I am trying to understand how to advertise my network 10.10.10.0/24 via BGP with the Palo. in the Cisco world, I use the command NETWORK 10.10.10.0. But with the Palo Alto, is it EXPORT or REDISTRIBUTION? Any comments will be greatly appreciated. Thx

jac101 by L2 Linker
  • 2198 Views
  • 2 replies
  • 0 Likes

Resolved! Filter-List

Hello everyone! any one has list of safed filters that could help a lot and saves our time

Resolved! DHCP from separate interface

I feel like this is a fairly simple issue to solve - yet I'm having problems figuring it out: My scenario:I have an L3 interface that is acting as a DHCP server (eth1) as an example.I want to get DHCP from that DHCP server on the PA from a separate interface (eth2). My thought was to simply setup the other interface in L2 mode and it would bridg...

Data Exfil Blocking policy

Hi All, We were planning to implement some egress rules to protect any king of large uploads/data exfil activities from inside network.And when thinking through it, the first though came to my mind is to block all outgoing connections, except web-servers and some legit services like ssh etc.But then thought, that it might get lot of pushback and...

Fatema by L2 Linker
  • 2781 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks