This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4312 Views
  • 0 replies
  • 0 Likes

Administrator account issue

PA-5050 device with software version 4.1.6.In all my devices except one, I was able to create a new Administrator account (Superuser) with password and log on with the account to administer the device. The problem device allows me to create a new account like the others, but I get an "Invalid Username or password" error when I attempt to log on...

kwaid by Not applicable
  • 10693 Views
  • 7 replies
  • 0 Likes

Global Protect 1.2.2-14 winhttpObj, error! ipaddress

Hi,I keep getting this error when trying to connect with global protect, this pc is on the internal network. I should get the massage 'Connected Internal'...any ideas. I have included the log below and highlighted the line.(T3776) 04/24/13 09:46:14:861 Info (2249): winhttpObj, HandleHttpsRequest, cmdStr = (T3776) 04/24/13 09:46:14:861 Info (2268...

Shutting down/disabling subinterfaces

I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possible? While it's easy enough to shutdown a physical interface by assigning it's link-state we're no...

scourge by Not applicable
  • 34626 Views
  • 15 replies
  • 0 Likes

Show Hard Drive information

For an audit, I need to know the Make/Model/Serial Number of the internal HDD. I cant seem to locate the appropriate show command on a PAN device...any ideas?Thanks much

Sending Before Change and After Change details in Panorama to Syslog

I've been testing the logging of change events to a syslog server from Panorama. Syslog events indicate a change made by a person and the general section of the change without giving any specific details of what was changed. Looking in Panorama in the Monitor tab I can see the change event and some details that are sent to syslog, but the deta...

merrick by L1 Bithead
  • 9078 Views
  • 5 replies
  • 0 Likes

PA equivalent of ASA packet tracer?

One of the more useful features in troubleshooting on the PIX/ASA (which we used until recently) is the packet tracer, which allows us to enter source/destination IP/port, etc and check to see if a given connection is allowed or blocked, and by which rule. Is there an equivalent feature in the PA units?

Scheduled Log Export Failure

I have Scheduled Log Export but it's failing. The system log reads "Failed exporting traffic log via ftp (last-calendar-day)".If I run the export command via CLI, it runs successfully.>ftp export log traffic start-time equal 2012/11/28@00:00:00 end-time equal 2012/11/28@23:59:59 to anonymous@hostnameAny ideas on why the Scheduled Log Export ...

MLaden by Not applicable
  • 6130 Views
  • 3 replies
  • 0 Likes

Resolved! commit confirmed X on PaloAlto firewall ?

Hello All, I am a newbie to PA firewalls but have some experience with JunOS firewalls. I like the "commit confirmed XX" command on JunOS because it will revert a change after XX minutes if for some reason I get locked out. A good example is when changing speed/duplex on an edge firewall that I may get locked out of. Is there an equivalent com...

Resolved! Cannot connect to management server

Dear All:I had meet this problem for three times ,and It comes again , I can ping the Management port with a low delay , but can not login through the httpsand can login from SSH, but without any cli , I can't typing . and always"Oct 30 12:21:13 Error: pan_read_full(comm_utils.c:97): srvr: fatal recv error. sock=3 err=Connection reset by peer (1...

j.guo by L1 Bithead
  • 38320 Views
  • 12 replies
  • 0 Likes

Exclude www.google.* from decryption

Hello,are you able to exculde https://www.google.com ; https://www.google.de and other domains from SSL decryption?Or clients complain about the slow loading of the website when they open Google or try to search something.Currently i add in a white custom URL category:www.google.comwww.google.com/www.google.com/*www.google.*www.google.*/www.goog...

Hithead by L4 Transporter
  • 12812 Views
  • 17 replies
  • 0 Likes

SysLog setup not working

Hi, I am using PA-2050, with PAN OS 4.1.3.From few days I am trying to configure the syslog to be sent to a central logging system. I followed every possible documentation, but I am not getting any syslogs coming to the syslog server. I tried on syslog server on linux and windows. I tried splunk, kiwi and few more. and finally I could conclude ...

Resolved! Maximum number of FW admin sessions

Hi CommunityI was teaching a class and was asked a simple question:Is there a max number of FW administrators that can be concurrently logged into the FW at the same time?I have a large customer (a Managed Service Provider) with a large number of FWs, as well as a international team supporting the customers.It is possible to have many admins log...

scantwell by L4 Transporter
  • 11904 Views
  • 7 replies
  • 0 Likes

Applications not being identified correctly

I am running into a number of situations where the applications are not being identified correctly and thus not working. I can see that the applications is using the correct port, but the PA shows it is "web browsing", unknown, etc. Examples:KaKaoTalk (ports 80 and 443) which is enabled, does not workGuild Wars (6112, 6600 and 80) 6112 shows ...

BobW by L4 Transporter
  • 8480 Views
  • 4 replies
  • 0 Likes

Resolved! Commit failed - failed to send phase 1 to client logrcvr

Hello,Since this morning I'm not able to commit any change from my panorama to my firewallsHere is the message error that I receive:Details:. Management server failed to send phase 1 to client logrcvr. Management server failed to send phase 1 abort to client logrcvr. Commit failedI tried some debug command like "debug software restart log-receiv...

baloise by Not applicable
  • 18379 Views
  • 9 replies
  • 0 Likes

GlobalProtect reports a "Client Certificate Error" but still connects

Hello-I'm running a PA-500 on with GlobalProtect for VPN access. Just recently our users started experiencing an issue wherein they try to connect and receive a "Client Certificate Error" error dialog. However, after they click OK to close the dialog, the agent connects anyway. I investigated the issue myself and found what follows below. No...

Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks