Device > Response Pages
Table of Contents
Expand all | Collapse all
-
- Firewall Overview
- Features and Benefits
- Last Login Time and Failed Login Attempts
- Message of the Day
- Task Manager
- Language
- Alarms
- Commit Changes
- Save Candidate Configurations
- Revert Changes
- Lock Configurations
- Global Find
- Threat Details
- AutoFocus Intelligence Summary
- Configuration Table Export
- Change Boot Mode
-
- Objects > Addresses
- Objects > Address Groups
- Objects > Regions
- Objects > Dynamic User Groups
- Objects > Application Groups
- Objects > Application Filters
- Objects > Services
- Objects > Service Groups
- Objects > Devices
- Objects > External Dynamic Lists
- Objects > Custom Objects > Spyware/Vulnerability
- Objects > Custom Objects > URL Category
- Objects > Security Profiles > Antivirus
- Objects > Security Profiles > Anti-Spyware Profile
- Objects > Security Profiles > Vulnerability Protection
- Objects > Security Profiles > File Blocking
- Objects > Security Profiles > WildFire Analysis
- Objects > Security Profiles > Data Filtering
- Objects > Security Profiles > DoS Protection
- Objects > Security Profiles > Mobile Network Protection
- Objects > Security Profiles > SCTP Protection
- Objects > Security Profile Groups
- Objects > Log Forwarding
- Objects > Authentication
- Objects > Packet Broker Profile
- Objects > Schedules
-
-
- Firewall Interfaces Overview
- Common Building Blocks for Firewall Interfaces
- Common Building Blocks for PA-7000 Series Firewall Interfaces
- Tap Interface
- HA Interface
- Virtual Wire Interface
- Virtual Wire Subinterface
- PA-7000 Series Layer 2 Interface
- PA-7000 Series Layer 2 Subinterface
- PA-7000 Series Layer 3 Interface
- Layer 3 Interface
- Layer 3 Subinterface
- Log Card Interface
- Log Card Subinterface
- Decrypt Mirror Interface
- Aggregate Ethernet (AE) Interface Group
- Aggregate Ethernet (AE) Interface
- Network > Interfaces > VLAN
- Network > Interfaces > Loopback
- Network > Interfaces > Tunnel
- Network > Interfaces > SD-WAN
- Network > Interfaces > PoE
- Network > Interfaces > Cellular
- Network > Interfaces > Fail Open
- Network > VLANs
- Network > Virtual Wires
-
- Network > Routing > Logical Routers > General
- Network > Routing > Logical Routers > Static
- Network > Routing > Logical Routers > OSPF
- Network > Routing > Logical Routers > OSPFv3
- Network > Routing > Logical Routers > RIPv2
- Network > Routing > Logical Routers > BGP
- Network > Routing > Logical Routers > Multicast
-
- Network > Routing > Routing Profiles > BGP
- Network > Routing > Routing Profiles > BFD
- Network > Routing > Routing Profiles > OSPF
- Network > Routing > Routing Profiles > OSPFv3
- Network > Routing > Routing Profiles > RIPv2
- Network > Routing > Routing Profiles > Filters
- Network > Routing > Routing Profiles > Multicast
- Network > Proxy
-
- Network > Network Profiles > GlobalProtect IPSec Crypto
- Network > Network Profiles > IPSec Crypto
- Network > Network Profiles > IKE Crypto
- Network > Network Profiles > Monitor
- Network > Network Profiles > Interface Mgmt
- Network > Network Profiles > QoS
- Network > Network Profiles > LLDP Profile
- Network > Network Profiles > SD-WAN Interface Profile
- Network > Network Profiles > MACsec Profile
-
-
- Device > Setup
- Device > Setup > Management
- Device > Setup > Interfaces
- Device > Setup > Telemetry
- Device > Setup > Content-ID
- Device > Setup > WildFire
- Device > Setup > ACE
- Device > Setup > DLP
- Device > Log Forwarding Card
- Device > Config Audit
- Device > Administrators
- Device > Admin Roles
- Device > Access Domain
- Device > Authentication Sequence
- Device > IoT Security > DHCP Server Log Ingestion
- Device > Device Quarantine
-
- Security Policy Match
- QoS Policy Match
- Authentication Policy Match
- Decryption/SSL Policy Match
- NAT Policy Match
- Policy Based Forwarding Policy Match
- DoS Policy Match
- Routing
- Test Wildfire
- Threat Vault
- Ping
- Trace Route
- Log Collector Connectivity
- External Dynamic List
- Update Server
- Test Cloud Logging Service Status
- Test Cloud GP Service Status
- Device > Virtual Systems
- Device > Shared Gateways
- Device > Certificate Management
- Device > Certificate Management > Certificate Profile
- Device > Certificate Management > OCSP Responder
- Device > Certificate Management > SSL/TLS Service Profile
- Device > Certificate Management > SCEP
- Device > Certificate Management > SSL Decryption Exclusion
- Device > Certificate Management > SSH Service Profile
- Device > Response Pages
- Device > Server Profiles
- Device > Server Profiles > SNMP Trap
- Device > Server Profiles > Syslog
- Device > Server Profiles > Email
- Device > Server Profiles > HTTP
- Device > Server Profiles > NetFlow
- Device > Server Profiles > RADIUS
- Device > Server Profiles > SCP
- Device > Server Profiles > TACACS+
- Device > Server Profiles > LDAP
- Device > Server Profiles > Kerberos
- Device > Server Profiles > SAML Identity Provider
- Device > Server Profiles > DNS
- Device > Server Profiles > Multi Factor Authentication
- Device > Local User Database > Users
- Device > Local User Database > User Groups
- Device > Scheduled Log Export
- Device > Software
- Device > Dynamic Updates
- Device > Licenses
- Device > Support
- Device > Policy Recommendation > IoT
- Device > Policy > Recommendation SaaS
- Device > Policy Recommendation > IoT or SaaS > Import Policy Rule
-
- Device > User Identification > Connection Security
- Device > User Identification > Terminal Server Agents
- Device > User Identification > Group Mapping Settings
- Device > User Identification> Trusted Source Address
- Device > User Identification > Authentication Portal Settings
- Device > User Identification > Cloud Identity Engine
-
- Network > GlobalProtect > MDM
- Network > GlobalProtect > Clientless Apps
- Network > GlobalProtect > Clientless App Groups
- Objects > GlobalProtect > HIP Profiles
-
- Use the Panorama Web Interface
- Context Switch
- Panorama Commit Operations
- Defining Policies on Panorama
- Log Storage Partitions for a Panorama Virtual Appliance in Legacy Mode
- Panorama > Setup > Interfaces
- Panorama > High Availability
- Panorama > Firewall Clusters
- Panorama > Administrators
- Panorama > Admin Roles
- Panorama > Access Domains
- Panorama > Device Groups
- Panorama > Plugins
- Panorama > Log Ingestion Profile
- Panorama > Log Settings
- Panorama > Server Profiles > SCP
- Panorama > Scheduled Config Export
- Panorama > Device Registration Auth Key
Device > Response Pages
Custom response pages are the web pages that display
when a user tries to access a URL. You can provide a custom HTML
message that is downloaded and displayed instead of the requested
web page or file.
Each virtual system can have its own custom response pages. The
following table describes the types of custom response pages that
support customer messages.
Custom Response Page
Types | Description |
|---|---|
Antivirus Block Page | Access blocked due to a virus infection. |
Application Block Page | Access blocked because the application is
blocked by a Security policy rule. |
Authentication Portal Comfort Page | The firewall displays this page so that
users can enter login credentials to access services that are subject
to Authentication policy rules (see Policies
> Authentication). Enter a message that tells users how to
respond to this authentication challenge. The firewall authenticates
users based on the Authentication Profile specified
in the authentication enforcement object assigned to an Authentication rule
(see Objects
> Authentication). You can display
unique authentication instructions for each Authentication rule
by entering a Message in the associated authentication
enforcement object. The message defined in the object overrides
the message defined in the Authentication Portal Comfort Page. |
| Data Filtering Block Page | Content was matched against a data filtering profile and blocked because sensitive information was detected. |
File Blocking Continue Page | Page for users to confirm that downloading
should continue. This option is available only if Continue functionality
is enabled in the security profile. Select Objects
> Security Profiles > File Blocking. |
File Blocking Block Page | Access blocked because access to the file
is blocked. |
GlobalProtect App Help Page | Custom help page for GlobalProtect users
(accessible from the settings menu on the GlobalProtect status panel). |
GlobalProtect Portal Login Page | Login page for users who attempt to authenticate
to the GlobalProtect portal webpage. |
GlobalProtect Portal Home Page | Home page for users who successfully authenticate
to the GlobalProtect portal webpage. |
GlobalProtect App Welcome Page | Welcome page for users who successfully
connect to GlobalProtect. |
MFA Login Page | The firewall displays this page so that
users can respond to multi-factor authentication (MFA) challenges
when accessing services that are subject to Authentication policy
rules (see Policies
> Authentication). Enter a message that tells users how to
respond to the MFA challenges. |
SAML Auth Internal Error Page | Page to inform users that SAML authentication
failed. The page includes a link for the user to retry authentication. |
SSL Certificate Errors Notify Page | Notification that an SSL certificate has
been revoked. |
SSL Decryption Opt-out Page | User warning page indicating that the firewall
will decrypt SSL sessions for inspection. |
URL Filtering and Category Match Block Page | Access blocked by a URL filtering profile
or because the URL category is blocked by a Security policy rule. |
URL Filtering Continue and Override Page | Page with initial block policy that allows
users to bypass the block. For example, a user who thinks the page
was blocked inappropriately can click Continue to proceed
to the page. With the override page, a password is required
for the user to override the policy that blocks this URL. See the URL
Admin Override section for instructions on setting the override
password. |
URL Filtering Safe Search Enforcement Block Page | Access blocked by a Security policy rule
with a URL filtering profile that has the Safe Search Enforcement option
enabled. The user sees this page if a search is performed
using Bing, Google, Yahoo, Yandex, or YouTube and their browser
or search engine account setting for Safe Search is not set to strict.
The block page will instruct the user to set the Safe Search setting
to strict. |
Anti Phishing Block Page | Displays to users when they attempt to enter
valid corporate credentials (usernames or passwords) on a web page for
which credential submissions are blocked. The user can continue
to access the site but remains unable to submit valid corporate
credentials to any associated web forms. Select Objects
> Security Profiles > URL Filtering to enable credential
detection and control credential submissions to web pages based
on URL category. |
Anti Phishing Continue Page | This page warns users against submitting
corporate credentials (usernames and passwords) to a web site. Warning users
against submitting credentials can help to discourage them from
reusing corporate credentials and to educate them about possible
phishing attempts. Users see this page when they attempt to submit
credentials to a site for which the User Credential Submission permissions
are set to continue (see Objects
> Security Profiles > URL Filtering). They must select Continue to
enter credentials on the site. |
You can perform any of the following functions for Response
Pages.
- To import a custom HTML response page, click the link of the page type you would like to change and then click import/export. Browse to locate the page. A message is displayed to indicate whether the import succeeded. For the import to be successful, the file must be in HTML format.
- To export a custom HTML response page, click Export for the type of page. Select whether to open the file or save it to disk and, if appropriate, select Always use the same option.
- To enable or disable the Application Block page or SSL Decryption Opt-out pages, click Enable for the type of page. Select or deselect Enable, as appropriate.
- To use the default response page instead of a previously uploaded custom page, delete the custom block page and commit. This will set the default block page as the new active page.