This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4127 Views
  • 0 replies
  • 0 Likes

Resolved! CLI command to disable power supply

Hi Does anyone know of a command to disable one of the power supplies on a PA5000 series firewall (for the 7.0 software train) please? I need to disable one of the power supplies on a remote firewall and dont have the option of pulling the cable manually.

Interface traffic utilization report for multiple VSYS device

Hi all So I'm trying to generate a very simple report on the interfaces showing what the max, min and Avg interface utilization was for the PAN device. So I have two interfaces inbound and outbound, they have multiple subinterfaces created and configured as Virtual Wires that are tied to different VSYS. I can pull a report for all VSYS showing ...

AHBosch by L0 Member
  • 2751 Views
  • 1 replies
  • 0 Likes

Resolved! MineMeld syslog indicator rules

Hi all, I've successfully connected my firewall to the syslog miner and can see logs arriving. I believe I now need to create a rule to match logs to extract the indicators. Here's my recieve stats from the miner: Here's the rule I'm trying to craft to extract the src_ip info.. Additionally, is it possible to extract the attacker IP from ...

miner-stats.jpg
rule.jpg
tkirk by L1 Bithead
  • 11537 Views
  • 6 replies
  • 0 Likes

Removing interfaces off a VM-series HA pair

As per title, functionally, this is easy to do.1. Shut VM down.2. Remove interfaces from virt solution configuration for the VM3. Power up. 4. All is well. But, in a PAN VM-series HA pair... I'm worried that I might have to shut both down AT THE SAME TIME. To remove the interfaces symmetrically.. off both. And then power both back up again. To...

mpgioia by L3 Networker
  • 2208 Views
  • 1 replies
  • 0 Likes

Import from xml of a 2 vsys system

I have an xml config export from a PoC system that had 2 vsys configured. Is there a way to peel out one of the vsys configurations from the xml and import vsys1 only?

RFalconer by L3 Networker
  • 2402 Views
  • 1 replies
  • 0 Likes

url-filtering

Hi,In url filtering adult-and-pornography blocked . But la-xxx.com can accesiblexxx.com not blocked 1)test url la-xxx.comla-xxx.com adult-and-pornography (Dynamic db)2)test url xxx.comxxx.com adult-and-pornography (Base db)other info----------show url-cloud statusThis command requires the PAN-DB URL filtering database.url filtering db5076Thanks

sib2017 by L4 Transporter
  • 5321 Views
  • 8 replies
  • 0 Likes

Two L3 interfaces on One Zone

Hi, in the setup of the above diagram , I need to run OSPF on Paloalto between two Core-SWs, so I have to create two L3 interfaces Point to Point with the two SWs. the two core-SW is considered as inside for me , so from the prespective of routing it is okay.but the issue on the polices, I have to create the polices duoble between two inside z...

Question.jpg

Resolved! Create threat signature

Hi Guys, I need to know if I can create a threat signature in case I've only the malware hash. Is it possible to do on PA? If not, Is there any other way I can block malwares based on hashes only? Regards,Sharief

Troubleshooting ipsec tunnel setup.

I have setup ipsec between PA200 and cisco device. When trying to bring tunnel up not even able to establish phase1.Getting following errors in logs. I have keyed in pre-shared key again on both the sides. ikev2-nego-child-start:'IKEv2 child SA negotiation is started as initiator,non-rekeyike-generic-event- received notify type AUTHENTICATION_FA...

Globalprotect - User-ID - missing domain prefix - group mapping not working

Hi I have been trying to get User-id / Group mapping to work in one of our installations but without any luckTried both Radius and LDAP authentication.I do see User-ID / IP mapping - but the domain prefix is missing."10.253.250.1 vsys1 GP sensagummi 2591361 2591361" I do as well see User-ID / Group mapping and the domain prefix is present there ...

Resolved! PA drops traffic apparently without NO REASON

Hi All, I have PA 2050 with panOS version --> 7.0.9I have two rules:Rule 4 --> Permit for svc-casse application as (ssl, ms-updated ecc)Rule 5 --> Cleanup for svc-casse That's the situation check :RULESLOG Really really strange behavior I never seen this before.Rule 4 permit ssl and ms-update but it's ignored.. Another crazy thing? Some...

Rule_INVOLVED.JPG
LOG_DROP_Without_no_reason.JPG
SSL_Allow_random.JPG

Resolved! Message of the day adn Embedded Message for cotent updates

How does one go about getting contents updates as part of message fo the day running 7.1.6 according to below in Red from PA the content and software messages have to be embedded and then I should be able to log in and veiw messege of the day and see ant content or softwared update messages If you or another administrator configured a message...

  • 24336 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks