This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4131 Views
  • 0 replies
  • 0 Likes

VRRP other devices

Hello Guys,I´m new in the world Palo Alto, my company partner is now Palo Alto. I have not found documentation, but it is possible to utilize protocol VRRP in PA-5050 with equipment other manufacturers? Thank you.

Default Management Ports in PAN OS 7.1

Hi all The standard guide for configuring a PANW Firewall to allow access to HTTPS/SSH etc from the outside has been this link: https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Change-the-Default-Management-Port/ta-p/62333 But with the release of PAN OS 7, the provided instructions no longer work. A loopback interface cannot sh...

Resolved! www.myhomeenergy.org.uk

Hi guys, Can anyone do me a favour and navigate to http://www.myhomeenergy.org.uk on IE through a Palo. Does this work for anyone, or do you get a "Page not displayed"? Kind regardsJack

DNS Sinkhole Intended Destination

I've configured a DNS sinkhole in our PAN firewall, and it's helped our department identify machines that are trying to reach out to malicious domains and such. Is it possible to identify the original, intended, destination that the user was attempting to reach when they became innfected?

Resolved! Scanning AntiVirus through SMB

Hi guys, As a "test" I have isolated one of my test servers so that all traffic flows through the PA-500.On this test machine I installed IIS and set-up a simple ftp and websiteThis website folder is also accessible via a share. The policy rules to and from this test server hold the AntiVirus Security Profile with both http, ftp and SMB to "def...

Lync (Skype for Business) Across Organisations

Hi guys, Is anyone else having issues using Lync (Skype for Business) when messaging, or sending file transfers, to someone in a separate Skype Organisation in an external network? Not sure if this is a bug or not, as the application is being seen as Incomplete, and looking at Packet Captures the SYN ACK isn't being received. Kind regardsJack

VPN between 2 Palo Alto Firewalls

Hi there, I am trying to setup VPN between 2 Palo Alto Firewalls. On one side I have public address but on the other side I am using a private ip address as this Palo Alto is behind a router. The VPN is not coming up. I also tried to do port forward from the router to the Palo Alto but still no success. What am I doing wrong here guys or will it...

Active/Active HA managed by Panorama

In the Active/Active HA setup, there is an option to "Enable Config Sync". In the past I have used this because I didn't have Panorama. Now I have a new set of PA5050s that are running in Active/Active mode and we purchased Panorama to go with it. My question is should I enable the config sync? Or should I disable it since Panorama pushes to...

Resolved! Application Block Page

I have a question. How does application block page work? I have it enabled but it doesnt seem to work. User gets app denied by certain policy, it shows Monitor/Traffic that he is indeed denied but instead of getting app block response page he gets a blank page. Does application block page work only with http and not https traffic?

Marcin by L0 Member
  • 5090 Views
  • 3 replies
  • 0 Likes

Large Scale VPN (LSVPN) - Opinions from end users?

I'm looking for feedback from customers who have deployed LSVPN on PAN-OS firewalls. I'm getting ready to rebuild a highly manual, semi-fullmesh VPN infrastructure of abotu 10 sites. Yes, I have a mess on my hands. I am planning on a dual-hub and spoke model. The dual-hubs are two datacenters that are connected via IPSEC between them. Each of th...

rpugh1 by L0 Member
  • 2930 Views
  • 2 replies
  • 0 Likes

HA strange behaviour

Hi, we have a cluster Active/passive PA3050 in PanOS 7.0.9. Yesterday we realised that one of our firewalls was having a strange behaviour (event HA), and this morning this FW was in maintenance mode, i had to reinstall the image 7.0.9 and cluster is OK now, but i dont know if this will solve the problem o the problem will happen again. Can you ...

HA.jpg

Zone Protection stats

I have recently setup/enabled some zone protection on one of my interfaces. I have set the values high since I have no way of knowing how much data is actually passing the interface and what threshold would trigger the dropping. Now that its running I know I can run the following command "show zone-protection zone untrust" to see the current cou...

murphyj by L2 Linker
  • 3689 Views
  • 2 replies
  • 0 Likes

Routing through same interface

HI just ran into a very weird issue today. A PA running version 7.1 The PA has IP 192.168.1.254 and it is the default gateway for the network. There is another network 192.168.2.0/24 reachable through 192.168.1.200. There is a route in the PA that says to reach 192.168.2.0/24 go to 192.168.1.200. This is same-zone routing. I have also disabled ...

myrdin by L2 Linker
  • 11454 Views
  • 14 replies
  • 0 Likes
  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks