This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4235 Views
  • 0 replies
  • 0 Likes

Resolved! Migration path from PA-2020 to PA-820

What is the correct way to migrate from a PA 2020 at PANOS currently at 6.1.16 (plan on upgrading to 7.0.14; the highest version show up in the avaliable releases) to a PA 820 at PANOS 8.0?

itoffice by L0 Member
  • 7186 Views
  • 8 replies
  • 0 Likes

Resolved! How VPN test commands work

What happens behind the scenes when you run.. test vpn ike-sa gateway <name> or test vpn ipsec-sa tunnel <name> Is there a debug which will show you the test packets sent/received?

palomed by L3 Networker
  • 7245 Views
  • 2 replies
  • 0 Likes

Vpn site to site encryption

Hi All, i have two different firewalls and need to establish site to site vpn IKE Phase 1 : Encryptin will be AES-256 CBC and the other peer have only AES-256 without CBC is it gonna work ? or it will fail

Panorama Cert Expiring

I've been finding it more difficult to take time away from daily work tasks to review the happenings on the community. That said I just reviewed the release notes for 7.1.9 and saw the impending cert expiration. While the "sticky" thread is a good idea, it might be a good way for Palo to reach the appropriate masses if you guys send a "notifica...

User-id with RDP users

hi, am having an issue with user-id for users login to servers over RDP, what happens is when user1 login to serverA over RDP and then user2 login to serverA user2 will get the policy of user1. on PAN when i run the command ( show user-id-mapping ip serverA ) it shows user1 login .when i installed the TS-agent on serverA it solved my issue but t...

Resolved! Simple two PC ping test setup with PA200?

Hi folks, I want to setup a simple two PCs connected to PA200 so that I may practice a ping test and packet capture.PC#1 - IP address 192.168.1.2 - connected to interface 1/1PC#2 - IP address 192.168.2.2 - connected to interface 1/3. I can not get my interfaces to come alive after committing changes! Anyone know what I could be doing wrong?

ping3.jpg
ping2.jpg
OMatlock by L4 Transporter
  • 6703 Views
  • 8 replies
  • 0 Likes

Resolved! Settings inheritance thru Template-Stack ?

If I have two devices in the same Template-Stack, will member template enforce same setting on both devices including i.e. same L3 addresses ? This is what I want to avoid

niuk by L3 Networker
  • 5848 Views
  • 3 replies
  • 0 Likes

How to IPSec over GRE with dynamic routing

I saw a document on how to configure VTI tunnel with OSPF. But that is for PAN-OS 4.1. Does anybody know if PAN-OS 7.1 supports GRE tunnel? I need to configure IPSec over GRE on the Palo Alto to talk to a Cisco router. Thanks

jac101 by L2 Linker
  • 4594 Views
  • 2 replies
  • 0 Likes

Resolved! How to Implement Certificates Issued from Microsoft Certificate Services?

Hi folks, I am starting my journey to configure Global Protect VPN. First I am trying to create/install a SSL certificate from my internal Microsoft CA. I see articles for subordinate, but I do not have that. Just a stand alone Microsoft CA. This article indicates that I need to eventually export the certificate (after submitting csr to CA an...

pacsr.jpg
pacsr2.jpg
pacsr3.jpg
pacsr4.jpg
OMatlock by L4 Transporter
  • 16993 Views
  • 7 replies
  • 0 Likes

Resolved! Viewing offloaded sessions in CLI

System is a PA-3050 running SW version 7.1.7 Does the CLI still show the "Offload: yes" output in 'show session id <session-id-#>' for this version of software? I recall seeing this flag for certain sessions in prior versions. Lately I have been troubleshooting some issues and have not seen that flag for any of the sessions being viewed. H...

Resolved! Monitor tab empty

PANOS 8.0.0Definitely forwarding and policies working.But monitor tab simply empty.. restart did nothing.?

mpgioia by L3 Networker
  • 9402 Views
  • 14 replies
  • 0 Likes

help with NAT

hello im wondering if anyone can help a PAFW newbie with configuring some nat that i am trying to pass through. i dont know how my security & nat rules should look but this is what i have configured: security rule: source zone (untrust) source address (any) destination zone (untrust) destination 99.99.99.13 Acceptnat rule: source zone (untr...

bwfreas by L1 Bithead
  • 2958 Views
  • 3 replies
  • 0 Likes

Resolved! IPsec tunnel questions?

Hi folks, We have several IPsec VPN tunnels for various remote firewalls connections. One of them is changing their firewall hardware to something else next week. Sonic firewall, I believe. I've been told that they are configuring the new replacement hardware with the same settings as before including same peer IP address.NOTE: I will backup ...

OMatlock by L4 Transporter
  • 4152 Views
  • 5 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks