This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

API timeouts/Web UI unresponsive

Hello, Managment plane stops responding when sending a number of User-ID XML API calls to FW (tried using PAN-OS 7.1.5 and 8.0).Any API calls during this time either time-out or return 502/504 HTTP responses.After close to exactly 5 minutes later from when WebUI became unresponsive, it will start responding again as per usual.Logs show error: *1...

Farzana by L4 Transporter
  • 2741 Views
  • 2 replies
  • 0 Likes

What kind of speed should I expect from client VPN connections?

We are looking at a new PA 5250. We currently have a PA 5050 for testing. Last night I was getting about 70mbit/sec on my home cable modem. I can get 300mbit/sec without the VPN. A really old Cisco ASA was giving me about 30mbit/sec. Any thoughts on the above performance? Can it be turned to be better? This was on a brand new MacBook with Sierra...

dlazzaro by L1 Bithead
  • 2701 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Certificate Prompt

My users using GlobalProtect on Windows are experiencing a very strange problem when they connect with GlobalProtect. I am stuck on this one, any tips, pointers, or possible solutions are much appreciated. Usage: Our GlobalProtect clients connect using pre-logon with certificates. We are not using SSO. Problem: Every once and a whi...

certerror.png
mmclimans by L3 Networker
  • 4598 Views
  • 1 replies
  • 0 Likes

BGP establish state flapping.

I have couple of bgp established on the firewall. Confiugured new one to AWS ,tunnel comes up but Bgp is flapping.System logs.BGP peer session enters established starte,peer ip:169.254.32.1BGP peer session left established state,peer ip: 169.254.32.1.

Select route with shorther prefix length

I have a static route for 172.16.0.0/12 but my PA is also learning through OSPF a route for 172.16.0.0/24. As these routes have different prefix length both are installed in the routing table and the dynamic route for 172.16.0.0/24 learnt through OSFP takes precedence over static route for 172.16.0.0/12 without having in consideration the admini...

COM-UCO by L1 Bithead
  • 4147 Views
  • 3 replies
  • 0 Likes

Configure a static 1-to-1 destination NAT policy

Hello Live Community, I am a new comer to the firewall game and I am wondering how would I go about setting up static 1-to-1 destination NAT policy on my PA-500 Firewall. I just recently set up the firewall using the documentation below and everything seems to be running great but my Xbox One device Nat is set to strict. I was wondering if some...

lzabler by L1 Bithead
  • 5851 Views
  • 3 replies
  • 0 Likes

certificate is not signed by a trusted certificate authority.

Hello guys, I have a one question about Global Protect. I configured it and all was working properly, but when i updated my global protect to the versin 3.1.5 or new 4 and then when i trying to connect an error occur "Gateway ... : Server certificate verification failed" how to fix this problem can anyone tell me? PAN OS 7.1.7

Resolved! PANs as internal routers?

We are planning to make our Palo Alto (pair) into the main internal router for a decent sized enterprise data center and about 300 users. A pair of Arista routers will be our external WAN/BGP routers. Is using the PAN as a router considered a best practice? Is it an acceptable practice from a speed/performance perspective? We plan to hairpin a l...

dlazzaro by L1 Bithead
  • 6000 Views
  • 5 replies
  • 1 Likes

New-old VM models

Hi All, I have been updated with new information on "Colossal event" , but some things remain grayed... Example, I have VM-100 almost five years in production environment and I see that it got muscles right now. So I have several doubts regarding my "old" VM-100... What going to happend with licensing fee if consider resource increasing?How to ...

Tician by L3 Networker
  • 5202 Views
  • 5 replies
  • 0 Likes

Corporate Credential Submission / Phishing protection in PANOS 8.0

Good Morning, I'm lucky enough to work with a few early adopters and have PANOS8.0 running in several production locations on VM and 3000 series appliances. So far, business as usual with the "old" feature set.... I've now setup Credential Protection on two of these sites, using the RODC method to spot username/password combos, rather than just ...

Dpeters1 by L2 Linker
  • 2942 Views
  • 1 replies
  • 1 Likes

How to exporting URL log to CSV with comma inside URL field?

Hello, I'm exporting the URL log to CSV file (I'm using CLI csp export), but I'm having a issue when I try to import this log in MS Excel because some URL have a comma, that break the columns in a wrong way.Anybody knows if is there a way to export the URL field between double quote? I'm think that user_agent field can do the same issue.

Lauro by L1 Bithead
  • 6467 Views
  • 8 replies
  • 0 Likes

Resolved! EBL policy (URL & IP)

Hello, We have succesfully implemented the EBL with an Dynamic IP List,We also want to block destinations URL based , so i've created an Dynamic URL list. Is it possible to combine both objects into one security policy or do I have to create seperate policies?I am not sure about this and hope someone can answer my question. Best Regards,Patrick

ppater by L1 Bithead
  • 2273 Views
  • 1 replies
  • 0 Likes

Log Retention

I forward all my device logs to Panorama. I just noticed that the logs only go back 1 day. How can I enable longer retention? Is there a setting for that?

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks