This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

GlobalProtect registry and script settings

Can anyone help with the GlobalProtect script settings.I'm trying to set up a post-vpn-connect script.I've added the registry entries and added the comment string. My question is more around the value, the example given is "c:\users\test_user\post_vpn_connect.bat c: test_user" I guess I'm confused with the "c: test_user" portion of their example...

Migration from PA3020 to VM-200

Hallo, I'm facing a migration process from PAN-3020 with two vsys (vsys1 and vsys2) to VM-200 without vsys. I'm trying to use Migration Tool but I'have problems with migrating objecst - addresses, services because they are under vsys1, vsys2 and shared. VM-200 not support shared objects. What is the best way to achieve this? Any ideas? Regards.P...

pkmiec by L0 Member
  • 3340 Views
  • 2 replies
  • 0 Likes

Failed to add correlation object 601x

This morning, I've received the following alerts from both of our PA-3050 firewalls: Failed to add correlation object 6011Failed to add correlation object 6012Failed to add correlation object 6013Failed to add correlation object 6014Failed to add correlation object 6015Failed to add correlation object 6016Failed to add correlation object 6017 It...

Resolved! What PAN-OS version is support currently recommending?

What PAN-OS version is PAN support currently recommending for active/passive PA-3050s? Last I checked (a few months ago), it was 7.0.8. We're currently running this version, but it has a minor bug that is impacting us. We were told by support a few months ago that the bug is fixed in the 7.1.x branch and that there are no plans to fix it in 7...

Error reading last checkpoint

Hi everyone, I am facing an issue that floods my output SIEM a little to often. The issue seems to be that the miner node is unable to register where it left of during the last check. Any tips on solving this? 2016-11-14T08:54:30 (17269)base.read_checkpoint ERROR: sslabusech_dyreblacklist - Error reading last checkpoint Traceback (most recent ca...

Forseti by L1 Bithead
  • 6135 Views
  • 5 replies
  • 0 Likes

Oracle Web Cache/Proxy fails when behind Palo Alto Firewall

I have a situation where by when an Oracle Web Cache server is placed behind a PA firewall, the application takes time to load or fails in some cases. The design is as followins;Windows 7 Client --> Routers --> PaloAlto Firewall --> Radware Loadbalancer port 80 (VIP) --> Oracle WebCache Server port 7777 --> Backend Oracle Apps....

Resolved! Check error on interface

Hi, I was playing around with CLI and typed the command:>show system state filter sys.s1.* | match crc Then got this details:sys.s1.p5.detail: { 'bad_crc': 0x157352, 'fragments_pkts': 0x1247, 'mac_rcv_error': 0x228b09, 'pkts1024tomax_octets': 0x13e0fad85, 'pkts128to255_octets': 0x237e24c6, 'pkts256to511_octets': 0x31eb1cec, 'pkts512to1023_oct...

MineMeld Docker

I started building out a very simple dev (read: unhardened) docker build for MineMeld here: https://github.com/swannysec/MineMeldDocker Looks like it won't start up correctly inside a container and I think it might be related to the use of UNIX sockets and/or something to do with supervisor. Anyway, feel free to take a stab at it! I have to ...

rsyslogd dependencies problem

Hi Luigi, I was testing stdlib.localSyslog to correlate paloalto logs with indicator following this article https://live.paloaltonetworks.com/t5/tkb/articleprintpage/tkb-id/MineMeldArticles/article-id/11 But I was unable to make it work. After a while, I have noticed that rsyslogd was not running. If you run "service rsyalogd status" says th...

uam by L1 Bithead
  • 6370 Views
  • 3 replies
  • 0 Likes

Link types for HA

I have a client who wants to split their PA3020 HA cluster between 2 datacenters. What are the limitations for the HA1/HA2 interfaces in terms of distance, and network latency for active/passive HA to work cleanly. On a 3020 can HA1/HA2 functionality be forced through an in-band interface? (not desireable,) The customer prefers a single route...

rswart by L0 Member
  • 2468 Views
  • 1 replies
  • 0 Likes

BGP Multiple ISP VR Requirements

I'm attempting to wrap my head around a very critical piece of setting up BGP between 2 ISP's concerning how many Virtual Routers are required. I currently have 1 ISP (A) up and running on BGP just fine and my other ISP (B) will be converted to BGP on Monday. Both will be advertising my public IP space from ARIN. So my question is, do I put bot...

Application Filter Traffic Reports

Is it possible to view traffic related to a specific application filter through the "Monitor" tab? For example, if I setup an application filter for the "gaming" subcategory, can I view the related traffic without specifying each application individually or generating a custom report? I'm running Panorama 7.1.5 and I'm not seeing an option to fi...

Resolved! Best Practice policy 7.1

I am attempting to implement best practice internet gateway in the 7.1 admin guide. One on the steps toward the end is creating Temporary tuning rules to see what applications are communicating over non-standard ports. I have rule above the tuning rules allowing for web-browsing and ssl over "application-default" I was surprised on the amount of...

web-browse log.PNG
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks