General Topics
Showing results for 
Search instead for 
Did you mean: 
General Topics

Forum Posts

Happening in June: The Complete Zero Trust Network Security Event

Greetings everyone, Don't miss Palo Alto Networks' Complete Zero Trust Network Security event coming up in June. This event will cover the following points related to the newly unveiled Zero Trust Network Security: Secure access to the right applicat...

jdelio by Community Team Member
  • 1 replies

Resolved! GlobalProtect, Working from Home, Prisma Access and Covid-19

To all, Just wanted to post a message about the Hot Topic right now, which is Covid-19. With all of this going around, everybody's health and safely is the utmost concern. Keeping your hands clean, washing your hands (A LOT), using hand sanitizers, a...

jdelio by Community Team Member
  • 41 replies

Active sessions across inactive vwire

Just curious about what I'm seeing. I have two interfaces that are in a vwire. The switch interfaces which go to the the FW were shut down last week yet looking on the firewall, I see that there are still active sessions which show these two interfac...

epeeler by L2 Linker
  • 1 replies

Resolved! Croxyproxy Block

Hi Team, We want to block croxy proxy in palo alto firewall. There is no application for this proxy to block. We already tried blocking the category proxy avoidance but it doesnt help even after applying it after decryption ssl packets. We are seeing...

Resolved! NTP server

hi guys, i am lookin to config PA 5220 as a NTP server for my lan network, this whole network is completely off of it possible to config if yes what are the steps.I tried keeping the Primary and secondary NTP fields blank, but if want to ...

user-ID non-domain windows systems not being logged

Hello PAN community,I have setup user-ID with Active Directory and the hostnames and user names for domain joined systems are being logged in the firewall's monitor.Some systems have their hostnames resolved, but others are just showing IP addresses....

Getting intermittent unknown UDP traffic logs

Hi All , I am having policy having application group and set services as application default . Sometime policy is working fine but sometime its dropping packet and in logs showing application unknown UDP. Could you please suggest any troubleshooting ...

deepak12 by L3 Networker
  • 4 replies

Unexpected behaviour in security policy

I have one server belongs from the DMZ zone.Example:-server ip- ip for VPN user - zoneDMZ zoneThere is 2 scenerio:-policy(1) - I have created a policy like:-sourcezone- VPNzonesource ip - zone - DMZ zonedes...

Resolved! Adding Routes via Windows

Hello, I'm attempting to add routes via cmd using the 'route' command but I'm encountering issues, none of my traffic is being passed by the gateway. My intent is for a host ( in this example) to egress out of R1 ( to another ne...


SMC SSD Failure Detection : Press F1 to Resume

I recently stumbled upon this error and found very little documentation on the subject that I only found after the fact. On the SMC of the 7000 series firewalls, there is a SSD. This SSD will fail over time. I found out when rebooting after an upgrad...

Kocian by L1 Bithead
  • 1 replies

Audit Global protect server

Hi, We launched a sslab test for a GlobalProtect Portal website. Our note is B. We would like to improve these two things but we dont know what it can be done in PA config. These are: There is no support for secure renegotiation. MORE INFO »This serv...

jesuscano by L4 Transporter
  • 2 replies

PA-3020 OS 9.0 either support GRE Tunneling Support

We are planning to upgrade PA-3020 devices to PAN-OS 9, please advise either PA-3020 devices can be upgraded to OS 9PAN-OS 9.x is to use new features introduced in new OS like GRE tunneling, would you please confirm either our device PA-3020 support ...

GP Issue with LDAP timeouts

Hello Folks , We are having an issue with LDAP auth . We have two servers in LDAP profile The timeout settings areBind timeout 30 secondsSearch timeout 30 secondsRetry 60 seconds The GP timeout is 80 seconds The behaviour is quite r...

Resolved! dedicated HA interface

Hello, I would like to ask if there is some way to take a packet capture in ha dedicated interfaces I know how to do it in management interface and data plane interface but not found information about how to see the traffic in this interfaces, thak y...