This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4253 Views
  • 0 replies
  • 0 Likes

Resolved! OID for network topology

Hi, I got one request where the client is asking about the OID for L2/L3 topology and arp cache table. I checked the following article but it doesn't have any reference for the above. https://live.paloaltonetworks.com/t5/Management-Articles/SNMP-for-Monitoring-Palo-Alto-Networks-Devices/ta-p/61052 Appreciate your help! Regards,Sharief

Resolved! Topology of Panorama

Hello, What type of topology does Panorama use? For e.g. if we have 4 FWs A,B,C,D then will each be connected separately to Panorama? If so, will there be overhead issue? What if B,C & D are connected to A and A is connected to Panorama? How to access B/C/D if A is unreachable? Thanks in Advance.

Farzana by L4 Transporter
  • 2572 Views
  • 1 replies
  • 0 Likes

WildFire unable to block the file

Dear Experts, A file gets downloaded through PA, in WildFire submission logs I can see the action as "forward" as expected. After that action is "wildfire-upload-skip" that means the file has been seen by wildfire before and the verdict is "Malicius". but wildfire action is alert even though I have set action and wildfire action as Reset-both in...

WildFire1.PNG
WildFire.PNG
fozail by L3 Networker
  • 4731 Views
  • 5 replies
  • 0 Likes

Google Dynamic search unavailable after implementing "Safe Search + SSL Decryption"

I recently implemented Google Safe Search + SSL Decryption for a small test group and it all works as expected/described.Thanks for the excellent documentation on this! The only odd thing I noticed is that I seem to have lost the Google Dynamic Search option.The Google Dynamic Search is when Google automatically starts suggesting what you might ...

2016-09-23 10_14_06-Google.png
2016-09-23 11_09_02-Zoekinstellingen - Internet Explorer.png

Resolved! site-to-site VPN redundancy with one ISP at the branch office and two ISPs at the home office?

Hi there! We have had a site-to-site VPN setup between our home office and branch office for about six months. We have a pair of PA-500 at the branch, and a pair of PA-3020 at the home office. The home office has two ISPs setup in a dual-vr failover configuration, and the branch has just a single ISP. I tried to setup a second IPSec site-to-site...

uvdes by L2 Linker
  • 4213 Views
  • 5 replies
  • 0 Likes

vulnerability id 31327

Hello, Start 10/13, I have been getting medium threat alert for vulnerability id 31327 (Attempted Antivirus Detection Bypass via Malformed ZIP Archive). I beleve it is my iOS devices connect to apple store to download app updates. Anyone else sees these? It is using the action is reset-both, but I still able to complete the download and inst...

Screen Shot 2016-10-22 at 7.13.09 AM.png

SNMP and ARP

Is there a way to pull the ARP table from a firewall using SNMP?We have tools that utilize the ipNetToMediaPhysAddress (OID repository - {iso(1) identified-organization(3) dod(6) internet(1) mgmt(2) mib-2(1) ip(4) ipNetToMediaTable(22) ipNe…) on other network devices, but it doesn't seem to be present in the Palo Alto firewalls.Thanks.

hkp by Not applicable
  • 8867 Views
  • 5 replies
  • 0 Likes

Resolved! New DNS configuration issue

Hi All, I have coinfigured a new DNS server on Palo Alto device. However, it is still sending queries to the old DNS servers.Please help. Regards,Raghav

Raghav_B by L2 Linker
  • 10677 Views
  • 15 replies
  • 0 Likes

set up TCP ports timeout

Hello Community, I need to know if it is possible? change the timeout for the following TCP ports to 4 hours (14400 seconds)TCP 1521TCP 2101TCP 1601-1630TCP 2101TCP 18400-18430 Best RegardsAndres Padilla

Apadilla by L3 Networker
  • 3237 Views
  • 3 replies
  • 0 Likes

Dynamic virtual routers

Can interfaces be assigned to two different virtual routers so that for example if a particular static route stops working it will "dymanically failover" to the other virtual router which has another static route for the interface? Sorry I'm pretty dumb when it comes to routing.

PPoE with Static IP Block

Need to set up a small office with a PA-200 using PPoE. Simple enough...but the ISP has allocated a /29 static block (5 usable IP addresses). We currently have a few 1to1 NATs in place for an SMTP relay and web server so being able to use the entire 5 IP block is necessary. All of the instructions and tutorials pretty clearly use a single IP in ...

PA-200 RULES

Good afternoon. I have a PA-200 and would like some help! Where can I create a rule below within Palo Alto. FORWARD -s 10.0.0.0/16 -d 192.168.1.0/24 -j ACCEPT FORWARD -s 192.168.1.0/24 -d 10.0.0.0/16 -j ACCEPT I am new to my company and I do not know Palo Alto

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks