This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

BFD in Active Active HA

Figured this out the hard way. If you create a custom BFD profile in Active / Active HA mode, the BFD profile names need to be unique to each device. If you try to configure a BFD profile with the same name on both devices, BFD will not come up. If you do try to configure a BFD profile with the same BFD profile name and you make and commit c...

Unable to navigate to Google sites through Google Chrome

My users in the past few weeks have not been able to navigate to any Google sites through Google Chrome. It started out to be one person and now every day I am getting new users. This is only occurring at my Corporate office and the only thing in common is the Palo Alto. The error they receive is ERR_CONNECTION_CLOSED. It just says the site...

Resolved! "decrypt-unsupport-param" error on Inbound SSL Decryption

I am trying to get inbound SSL decryption for our web server. I imported our web server's SSL certificate with private key to the Palo. It shows "Valid" and the "private key" checkbox is checked. But the log shows it is not getting decrypted, and I'm seeing the session end "decrypt-unsupport-param" . The certificate is signed by a CA, 2048-bit, ...

Maxstr by L3 Networker
  • 40420 Views
  • 18 replies
  • 1 Likes

Minemeld not pulling low and medium confidence feeds?

Hello, My firewall is able to pull several feeds from our minemeld server. However, it is not pulling our Low and Medium Confidence inbound feeds. Worked with PA support and they said there must be something wrong with our Minemeld server and suggested I post a question here. thanks!

refresh FQDN problem

Hi, We have several computers in our network using this proxy: proxy1.eu.webscanningservice.comThis domain changes IP each 15-20minutes. So when this domain changes the Ip we can reach the proxy from our computers.So i have several doubts:1)PA detects when a domain changes the IP and update the FQDN database?? or only FQDN refresh is done each 3...

Palo Alto Integration... weirdness.

Morning, I was wondering if someone could help me. We have the palo intergation enabled and the results are rather interesting. If I check a device that is a iOS Device in Aruba I can see IP, user assiocated to the device and so on. If I put that same IP into Palo I have the IP Address listed with no user ID assigned.Now if I check a device that...

Screen Shot 2017-01-10 at 10.39.45 am.png
Screen Shot 2017-01-10 at 10.40.29 am.png
Screen Shot 2017-01-10 at 10.40.46 am.png

Ping to allow on Security Policy

Hi I have made security policy on Paloalto as per port base requirment. eg.I have allowed http, https, dns as a service. But i also want ping to be allowed in the same policy. Please advice how can achive this. Samir.

samirs by L0 Member
  • 3767 Views
  • 2 replies
  • 0 Likes

Recommemded version for PA-2020

hi, We have a cluster PA-2020 with PanOS 5.0.16. I just looed into EoS version, and this version doest have support since last november. Please, can we upgrade this PA to any higher version??? which is the recommend for this PA-2020?? we dont want to lose performace going higher.

Resolved! Panorama and Oracle OVS

Hello, We have Panorama implemented on VMWare ESX. We would like to move the VM from VMWare to Oracle Virtual Host. Is Panorama supported on Oracle OVS? Thanks in advance.

Farzana by L4 Transporter
  • 2638 Views
  • 1 replies
  • 0 Likes

Resolved! REST API: set: service

Hi, I tried to set a new service using action=set and it gives me an error "set failed, may need to override template object first”And if I use action=override"Object cannot be overridden”rCan anyone help me to get this done? https://[IP-ADDRESS]/api/?type=config&action=set&key=[AUTHKEY]&xpath=/config/devices/entry/vsys/entry[@name=%...

hottija by L1 Bithead
  • 9446 Views
  • 5 replies
  • 0 Likes

Minemeld on RHEL due any time soon?

Hi all, as a long time Palo customer I'm keen to utilise Minemeld and ideally like to run it on RHEL. Is there anything in the pipeline for installing / supporting Minemeld on RHEL or anyone admitting to getting it working without "support"? Otherwise I'll invest some time in getting up to speed on the supported alternatives. Thanks, Steve.

Stevobot by L1 Bithead
  • 6947 Views
  • 3 replies
  • 1 Likes

ldap cfg LDAP failed to get info from server

Has anyone run into the issue where the ldap server is generating the following logs: ldap cfg LDAP failed to get info from server "10.x.x.x"?We are not getting authentication issues and the tcpdump on the mgmt interface shows bi-directional traffic. when I do a "show user group-mapping state all in the CLI it displays 0 number of groups mapped....

Basic Networking question

My basic question is if I have an existing MPLS connection to a remote office which is basically made up of static routes on both ends, can I also create a site-to-site VPN as a backup or will this cause a loop? What I mean is can both be active at the same time. The MPLS and the Site to Site VPN?

Resolved! intra-interface (packets enter and exit same interface) ?

This is a problem for other vendors (and something must be enabled/configured to allow this to occur).Have not tried this in PANOS, but wondering if this just works or is it a similar scenario where you must enable something in PANOS ?http://www.networkstraining.com/permitting-traffic-to-enter-and-exit-the-same-interface-same-security-traffic-pe...

mpgioia by L3 Networker
  • 11252 Views
  • 7 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks