General Topics

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Hardware refresh HA pair of 2050's to 3020's

I need to refresh some 2050's HA pairs for 3020 HA pairs. This shoud be a pretty simple prcedure but I cannot find any instructions on how to perform this upgrade. Beside the fact 2050's don't have dedicated HA interfaces, are there any other gotch

...

WAN Interface Not Registering MAC Address With Upstream L2 Switch

Hello folks, need some help here. After upgrading from 6.0.8 --> 6.1.0 --> 6.1.2, the WAN interface of the upgraded device, part of an HA-Pair in active-passive mode, does not register its MAC address with an upstream directly connected L2 switch.

...

Unused Rules

There is a feature to highlight unused rules. If a rule goes from used to unused does that feature show it as unused and if so how long does it take to show it as unused?

Resolved! Testing SSL Decryption (Cant use eicar.org due to symantec)

Any sites other that eicar.org I can use to test SSL decrption and response page? Due to symantec on 2012 server cant test using that site. Any recommendations will help

Telnet from the firewall.

I dont see any telnet option on the firewall. Wanted to telnet mail.com port 25 just to check connectivity.

Resolved! Home configuration PA-200 help

Hi guys,

Im new to this and im trying to install a pa-200 at home. I have managed to install it in a layer 2 configuration but i would like to install it now in a layer 3 configuration.

I have followed this article https://live.paloaltonetworks.com

...

Resolved! Send ICMP Unreachable panos7

Hello

What really is the purpose of using that checkbox in policy action with drop or reset ? What are benefits ? Thanks

Regards

Resolved! SSL Intercept

Hi all, before I head of and start configuring is it possible to test SSL Decrpyition in Vwire mode? I ahve a test server spun up in my lab and wanted to confirm

Threat prevention & Wild fire dynamic update issues

Any one having any issue with DNS with regard to a recent threat prevention and wildfire dynamic update?

Unused rules

Is it possible for a rule to show unused and be passing traffic? I disabled an unused rule and it seemed to affect traffic. I usually check it and it now show in the traffice monitor and it highlighted as unused. I also rebooted the firewall about a

...

Resolved! Using IPSEC tunnel as redundant link to a destination

Hello PAN Live Community,

I'm looking at having a redundant link to a given set of destination (servers) over an IPSEC tunnel when primary WAN link goes down.

What is the best way to do this ?

PBF ?

Resolved! Sinkhole Clarification

I have VWIRE setup rule is trust to untust (wide open rule to any) I added sinkhole profile to the rule. I also added a deny rule above for my sinkhole ip (53.53.53.53). I have my windows box pointing to .2.2.2 when I do nslookup on suspcisous s

...

Upgrade to 7.1.0

I upgraded our lab palo to 7.1.0 last night. Has anyone else upgraded anything in their enviornment yet? I don't plan on doing anything in our production enviornment until at least 7.1.1 or 7.1.2.

Not really having much time yet I don't have much

...

Resolved! Deployment software with 7.1: Cannot see firewall listed

Hi All,

After upgrade to 7.1, I cannot see firewall under:

I have this problem only with pan500, with 200 works properly.

Is that a bug or license issue?

Any kind of suggestion?

Best Regards

Luca

Resolved! group mapping issue

Hi all,

when try to Retrieve group include list getting below error :- Internal error. Please suggest.

Regards

Satish

Discussions

Welcome to the General Topics Discussions!

Rules and Best Practices

Ensuring a Safe and Secure Community: How You Can Help

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Hardware refresh HA pair of 2050's to 3020's

WAN Interface Not Registering MAC Address With Upstream L2 Switch

Unused Rules

Resolved! Testing SSL Decryption (Cant use eicar.org due to symantec)

Telnet from the firewall.

Resolved! Home configuration PA-200 help

Resolved! Send ICMP Unreachable panos7

Resolved! SSL Intercept

Threat prevention & Wild fire dynamic update issues

Unused rules

Resolved! Using IPSEC tunnel as redundant link to a destination

Resolved! Sinkhole Clarification

Upgrade to 7.1.0

Resolved! Deployment software with 7.1: Cannot see firewall listed

Resolved! group mapping issue

TLS handshake error when using my IPsec tunnel

Issue to send security policy forwarding log by email

Websites stopped working after update

FTP Transfer BIOC

after 11.1.5-h1 update, 11.1.5-h1 missing from software list

Re: Are there signature release for following vulnerabilities?

Re: OS Upgrade path to 10.2.10-h9

Re: Regarding Security Advisory CVE-2024-3393

Re: Anyone experiencing slow websites with PANOS patched for CVE-2024-0012/CVE-2024-9474?

NAT Question

Unlock your full community experience!

Rules and Best Practices

Resolved! Hardware refresh HA pair of 2050's to 3020's

Resolved! Testing SSL Decryption (Cant use eicar.org due to symantec)

Resolved! Home configuration PA-200 help

Resolved! Send ICMP Unreachable panos7

Resolved! SSL Intercept

Resolved! Using IPSEC tunnel as redundant link to a destination

Resolved! Sinkhole Clarification

Resolved! Deployment software with 7.1: Cannot see firewall listed

Resolved! group mapping issue