General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 275 Views
  • 0 replies
  • 1 Likes

Global Protect on MAC - How to Clear Cookie?

I'm running Global Protect on my Macbook.  I have the gateway configured to accept cookie and set to 24 hours.

For troubleshooting purposes I'm trying to figure out how to clear my cookie on my Macbook so it does not automatically connect.

craigkp by L0 Member
  • 4468 Views
  • 1 replies
  • 0 Likes

SKYPE

Why would a rule with app-id of skype show up in logs as ms-lync when Lync is not part of rule

Resolved! A little help with Subinterfaces and intraVLAN routing

 

I have a PA-3020 with fairly typcial config with a L3 untrusted interface and several trusted sub interfaces. I have a couple questions.

 

Prior to this, I was doing my intravlan routing on my core HP2920 switch. My 192.168.123.0/24 network is the nat

...

firefox_2017-03-22_06-35-32.png
Raland by L1 Bithead
  • 3406 Views
  • 4 replies
  • 0 Likes

User-ID agent upgrade consideration

Hello,

 

I have two Palo Alto Firewalls, each running different software version, 7.1.5 and 7.0.7.

Both firewalls connected to the same User-ID agent server. The User-ID agent version is 7.0.5-3

 

I am planning to upgrade one of the firewall from 7.1.5 to

...

qafcopa by L1 Bithead
  • 2922 Views
  • 1 replies
  • 0 Likes

Resolved! Global Protect Agent captive portal Graceperiod timeout

Hello,

 

When the Enforce GlobalProtect Connection for Network Access feature is enabled, we can define a Gaceperiod to allow users to temporary connect through a captive portal ( hotel proxy...)

 

Maximum timeout, i can see is 3600 seconds (1 hour)...

 

W

...

Response page are not display when using explicit proxy.

Hi everyone,

 

I found the issue the response page not display when the client acccess ssl websites and using a web proxy via explicit mode.

I already enabled policy decryption for all ssl websites.

On a browser will display "page not found!" or "This si

...

Kanitin by L1 Bithead
  • 2437 Views
  • 2 replies
  • 0 Likes

Decrypt-Error (SSL In bound inspection)

Dear Team ,

 

i am using PA 5020 BOX With PAN OS 7.1.5 when i am configure the SSL Inspection Inbound and create the Decrypt policy on the firewall so i am getting this error , could you please share the solutions to fix this error and share the config

...

Fahadvu by L1 Bithead
  • 2894 Views
  • 1 replies
  • 0 Likes

Exclude YouTube from Safesearch

Hi All,
 
I have an issue with getting my PA to work in conjunction with Google Apps ( or G Suite) as it is now known. A little about the enviroment:
 
Two group of users:
 
Group 1
SSL decryption enabled
Safe Search disabled
Allowed to approve videos in YouT

...

stuart.l by L2 Linker
  • 2249 Views
  • 1 replies
  • 0 Likes

Resolved! PA200 - Configuring a static internet address

Hi there,

 

This may seem like a stupid question, but we are switching ISP and they have given us a static IP because we use VPN etc. I'm configuring a PA200 and for the life of me cant figure out how to add the ISP gateway. Ive added the IP address an

...

can not install and not remove globalprotect

I work on a Vista machine and after using it succesfully for a long time, I had a problem with my GlobalProtect (it did not connect). I read somewhere it might help to uninstall it and then re-installing again, which I did. The uninstall was succesfu

...

Mister34 by L0 Member
  • 6236 Views
  • 3 replies
  • 0 Likes

Resolved! Configure NAT with multiple ports

Hello ocmmunity,

 

Do you know if it is possible to do this in the firewall ?

Name:  NAT 1
Source Zone: INTERNET
Destination Zone: INTERNET
Source Address: IP_Public
Destination Address: 1.1.1.1
Service: icmp, tcp/5551, tcp/22, tcp/4443, udp/500, udp/4500
Des

...

Apadilla by L3 Networker
  • 6310 Views
  • 3 replies
  • 0 Likes

Using AWS Bundle 2 as an Ironport replacement

I have a Bundle 2 in trail at the moment as a POC. At first glance, the interface is overwhelming, so navigating it is cumbersome at first.  What I am trying to accomplish is a viable replacement for Ironport WSA.  I have a Bluecoat POC in place and

...

ACD-II by L1 Bithead
  • 1898 Views
  • 2 replies
  • 0 Likes

Weird Malware URL Reporting

Has anybody else noticed that their botnet report is triggering on weird URLs that couldn't actually exist. I've listed some examples but I can't figure out why some of the URLs being reported are so clearly 'wrong'. 

 

Visited malware URL 8M{zy!ces{~y

...

BPry by Cyber Elite
  • 3722 Views
  • 9 replies
  • 0 Likes
  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels