Custom Response Page

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Custom Response Page

L3 Networker

Hi All,


Hoping someone can help. I need a custom response page for URL Filtering. I know I need to use Javascript but that is not my forte so hoping can provide the inform for me. I need to produce two distinct page responses depending on the IP address the user comes from ie:

If they come from address range a URL response page produces "Page Blocked for Security Reasons"

If they come from any other address range a URL response page produces "Page Blocked because we have the power to do so".


I understand it is a text file I need to upload, it's just the page construct I'm struggling with.


Thanks in advance




L4 Transporter



I don't see that IP Address is a known variable in the URL filtering response page, if you want to try or just want the HTML file layout, download the current block page and edit it, then re-upload it:


1. Device->Response pages->click on 'URL Filtering and Category Match page'

2. Select predefined then 'export'

3. open text file with editor then import back.

4. Imported file will be called 'shared' and will be used.


Take a look here for more info and the


Hope this help,


Hi @a.jones 

Do you have user-id configured on that firewall? If not then the variable for the username will contain the IP address which you can then use in a javascript that will display the message like you need it.

Hi All,


Apologies I may need to add a bit more detail. The configuration contains multiple paths for different partners for a large wireless network. Each Partner has their own SSID and are assigned a specific subnet. Many share the same Response Page for their web traffic but we have a couple that want to have a different response page carrying their own Partner name. Whilst I cannot add multiple response pages and refer a partner to a specific response page I understand that using javascript I can assign a specific response based on the IP source of the user hence the original question.





@a.jones what PAN-OS verison do you have installed?

About to upgrade to 8.1.15-h3.


We are going to 9 or 9.1 in late Sept/Early Oct.





hi @a.jones 

do you have user-id configured or not? and are the subnets all /24 subnets?

L7 Applicator

so in case you are not using user-id and you have /24 subnets you can use the following response page:

		<title>Web Page Blocked</title>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
		<meta name="viewport" content="initial-scale=1.0">
		  #content {
			border:3px solid#aaa;
		  h1 {
		  b {
		<script type="text/javascript">
			function onload()
				var ip = "<user/>";
				var octets = ip.split(".");
				var subnet = octets[0] + "." + octets[1] + "." + octets[2];
				var title = document.getElementById("title");
				var infotext = document.getElementById("infotext");
				switch (subnet) {
					case "10.0.0":
						title.innerHTML = "Title 1";
						infotext.innerHTML = "Infotext 1";
					case "10.0.1":
						title.innerHTML = "Title 2";
						infotext.innerHTML = "Infotext 2";
					case "10.0.2":
						title.innerHTML = "Title 3";
						infotext.innerHTML = "Infotext 3";
	<body bgcolor="#e7e8e9" onload="onload()">
		<div id="content">
			<h1 id="title">Web Page Blocked</h1>
			<p id="infotext">Access to the web page you were trying to visit has been blocked in accordance with company policy. Please contact your system administrator if you believe this is in error.</p>
			<p><b>User/IP:</b> <user/> </p>
			<p><b>URL:</b> <url/> </p>
			<p><b>Category:</b> <category/> </p>

The only thing you need to change is the statements in the switch statement according to your subnets and the title and text you want to display to the user.



Apologies for no response. I had been in and out  with suspected Covid  symptoms for a few weeks.


I have tried this and whether I am doing something wrong.


I need the following IP subnets with the following response: and responde with 

“Access to the web page you were trying to visit has been blocked in accordance with NNC filtering policy. Please contact the Complaints and Compliments team at NNC for more information or if you feel that the site you were attempting to view was inappropriately blocked.”


All other ips responded with:

“Access to the web page you were trying to visit has been blocked in accordance with Corp Partnering filtering policy. Please go to the Corp Partnering webpage for more information or if you feel that the site you were attempting to view was inappropriately blocked.”


This is a multi vsys Palo Alto and this particular vsys is the Public Wifi vsys. All Partners wifi traverses this vsys so there is no Userid but 2 partners want 2 specific subnets with a different response hence my issues.


Regards and thanks as always.





  • 8 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!