This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4223 Views
  • 0 replies
  • 0 Likes

PAN-200 CLI - limited commands

hii`m trying to troubleshoot some vpn tunneling connection dropsso i logged to the CLI execute some commands to troubleshoot the VPNs test vpn ike-sa gatewayshow vpn ike-sa gatewaytest vpn ipsec-sa tunnel none of this command exist even in configure modePAN-200PAN-OS-7.1any ideas?Thanks

pan200.jpg
Gav-Yam by L0 Member
  • 2992 Views
  • 3 replies
  • 0 Likes

Captive portal + decryption + squid: https problem.

Hi,I try to configure path for users to access the Internet. I use Palo Alto and squid. But not everything works as I expected.The path:user---Palo Alto ---squid ---Internet.Squid is behind Palo Alto because of citrix users. I want to control citrix users access and in scenario: user---squid---Palo Alto--Internet, it's not possible. Squid change...

okress by L1 Bithead
  • 2971 Views
  • 3 replies
  • 0 Likes

Resolved! Session Info on one Interface

I'm trying to find the session info on our outside interface; however I can't seem to find a command simular to show session info for looking at one interface.

BPry by Cyber Elite
  • 2315 Views
  • 1 replies
  • 0 Likes

Resolved! Where is PAN-OS 7.0.0?

I have been running PAN firewalls for years and have been the person responsible for upgrading PAN-OS on them since PAN-OS 3.1.9. Each time, going from one release to a version in a different major release involved downloading the base version of the major release as well as the version I want to go to.For example, upgrading from 3.1.9 to 4.0.8...

VPN Tunnel down - Troubleshoot

Hi Admins,I need some help to troubleshoot our problem with the VPN Tunnels. We installed a Cisco to PaloAlto VPN tunnel. The PA in passive mode. But constantly the tunnels go down.Here are some log outputs:less mp-log ikemgr.log 2014-04-23 09:21:54 [DEBUG]: sockmisc.c:335:sendfromto(): sockname 122.152.XX.XX[500] 2014-04-23 09:21:54 [DEBUG]: so...

Hithead by L4 Transporter
  • 18287 Views
  • 24 replies
  • 0 Likes

Resolved! Exclude address on Zone Protection

So we use a Barracuda and when it sends out for an update to it's spam filtering it gets identified on the zone protection as a Host Sweep; is their a way that I can exclude it's IP address from getting identified?

BPry by Cyber Elite
  • 4012 Views
  • 2 replies
  • 0 Likes

Resolved! PAN‐OS 7.1.4‐h2 or PAN‐OS 7.1.4

Hello everybody After the security advisory PAN-SA-2016-0020).... I like to upgrade my actual version 7.1.3 to 7.1.4. But I like to know what are the meaning of -H2 and what is the differences between both versions. Best Regards Gonzalo

SOC_CSG by L4 Transporter
  • 2871 Views
  • 2 replies
  • 0 Likes

applipedia categories

Sorry if this doesn't belong in this location. I see in the applipedia that the applictions have a description. Does such a description or definition excist for the categories and more specifically the subcategories? For example, what is the difference between social-business and social-networking sub categories? Mark

mp34549w by L1 Bithead
  • 5683 Views
  • 4 replies
  • 0 Likes

Query regarding Dual ISP through 2 VPNs

Hello, Trying to verify fail over using redundant tunnel at two different sites but it does not work properly.Methods tried to test: 1:disabled the IPSec tunnel on one end, remote end which was monitoring the link failed over and chaned the routing table but the local PA kept the same route in the routing table. 2: changed the IPsec profile on o...

Farzana by L4 Transporter
  • 1769 Views
  • 1 replies
  • 0 Likes

Any stable release of 7.1 yet?

We recently purchased AutoFocus and I know for the firewalls themselves, it needs 7.1.x for a lot of the integration. Are there any recommened versions of 7.1 yet? I know 7.1.4-h2 was recently released. We mainly have PA-500s with a few 3020s and 200s out in production.

Resolved! urlfiltering.paloaltonetworks.com - certficate revoked??

Is anyone else having a problem browsing to urlfiltering.paloaltonetworks.com? We can't get to it from here. We are being told that the certficate has been revoked. (SEC_ERROR_REVOKED_CERTIFICATE) I tried two different paths to the Internet from our corporate network with the same results. The rest of paloaltonetworks.com is accessible. Than...

RSKadish by L2 Linker
  • 5904 Views
  • 5 replies
  • 0 Likes

Threat signatures requiring ssl decryption

Is there a way to determine if a threat signature requires ssl decrypt in order to provide protection. I undertsnad this could have at least three posibilities being fully required, partially required, and not required. Using signature 14616 in content version 608 as an example, I cannot determine if I will ever see hits on this threat ID if I d...

Lepton by L0 Member
  • 4180 Views
  • 4 replies
  • 1 Likes

Resolved! Issue With GlobalProtect VPN

Hi, Can someone please point me at the right direction? 2 PA-500 devices are in active-passive configuration. When connected via global connect, getting IP address in the correct range but cannot reach any internal address and trace route does not proceed beyond the first hop of the gateway on the Firewall. However, from a PC behind the firewall...

Farzana by L4 Transporter
  • 7766 Views
  • 9 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks