This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

Multi Critera Show Command

One problem I'm running into with the Palo cli is the ability to search the configuration for configuration matching on multiple criteria. For instance, I'd like to display output showing all disabled security policies that include a description.I can search for disabled policies (show | match "disabled yes") OR I can search for policies with d...

Port forward does nt seem to work

HI imagine this scenario: Internet 1.1.1.1 PA 2.2.2.1 ---- 2.2.2.2 ROUTER 3.3.3.0/24 network I am forwarding all packets received to 1.1.1.1 https to 2.2.2.2 https which then re-nat to 3.3.3.0/24 host With a stupid dlink 50$ router instead of the PA, everything works. I just forward https to 2.2.2.2 and it works. with the Palo, no way. In the ...

myrdin by L2 Linker
  • 2368 Views
  • 2 replies
  • 0 Likes

Palo Alto 200 Setup for home use

I have been given a PA200 to setup at home to get myself familiar with Palo Alto firewalls. I have a cable modem and wireless router that will need to be connected to the PA200. I have followed the instructions on this article to get it setup:https://live.paloaltonetworks.com/t5/Configuration-Articles/Setting-Up-the-PA-200-for-Home-and-Small-O...

Hmtreviz by L1 Bithead
  • 11906 Views
  • 21 replies
  • 0 Likes

Resolved! Dynamic IP ISP NAT

I'm trying to figure out how to NAT a single server and port to my external IP address if the outside interface from the ISP is dynamic. How do I translate it if I don't have a destination address?

Resolved! HA Firewall Transition into Panorama

Hi, I have a pair of PA-3020 in Active/passive in production that will need to be imported within Panorama 7.0.3. After importing each device config, does anybody knows what will happen while pushing from panorama the device configuration bundle to each firewall...will it break the HA ? Since panorama policy and objects, device and network temp...

Tool to help map out your PA configuration

I need to go through my PA and map out the security zones, NAT rules, and so on that have accumulated over the years and I need a tool to help me scrub through the configution and sort out what is going on. I heard there was a tool called Clikr or Clickr or something like that that is an open source tool that is supposed to help with this kind ...

RustyPA by L1 Bithead
  • 5192 Views
  • 4 replies
  • 0 Likes

Resolved! Possible to store foreign ssh key on the firewall (for key-based scp transfer)?

I want to be able to use scp from the firewall to transfer a config file to a remote server without entering a password. So I need to store the remote user's public ssh key in the equivalent of an authorized_keys file on the firewall. Is this possible? What I'm trying to do is schedule an automatic pull of the running-config.xml down to a server...

dsegel by L0 Member
  • 4026 Views
  • 2 replies
  • 0 Likes

Palo Alto as a DNS Server

I have a very small network without a DNS server and I'd like to if possible use a PA200 as a DNS server. I want to try to create static DNS entries for a few hosts on the PA, then point those hosts to the PA as their DNS server. Does this work? Any caveats?

RustyPA by L1 Bithead
  • 4545 Views
  • 3 replies
  • 0 Likes

Scheduled a reboot of managed firewalls (tasks) from Panorama

Hello everyone, I want to know if is possible to ask Palo Alto to add this feature to Panorama, we have 100+ firewalls at branch offices, when we applied a software upgrade for example 6.0 - 7.0 it always ask for a reboot to apply the new version (In a perfect world we could reboot the firewall at any time but sadly is not possible until third s...

scp export with unexported-only option

Hi,I would like to know how to use the unexported-only feature with this command:scp export log traffic to user@ip:/path/test.csv start-time equal 2016/08/14@00:00:00 end-time equal 2016/08/14@23:59:59 Also is it possible to invoke it through the API? Thanks!

amagri by L1 Bithead
  • 4829 Views
  • 4 replies
  • 0 Likes

Static Routes not Working

I have a network with in my network that I am trying to control access with user-id in the palo alto. Before I can do this I need to get routing working. The routing works just fine up to the palo alto in my test environment. Each interface can talk to the next hop on the otherside but traffic isn't routing across the interfaces. I can not p...

trees by L1 Bithead
  • 8833 Views
  • 4 replies
  • 0 Likes

application not working.

I had a customer connecting to an application from trust to untrust. It was working and then suddenly stopped working.I could see in the logs it was coming as port 443 and application -incomplete and then next day it started working with port 443 and application ssl. Any logical reason why this would happen. Running 7.0.6 PA200.

about mtu

Hello all, There is a problem with a smb traffic(very very slow)For the related source and dest. ip address 2 filter is configured and show counter output has : flow_fwd_mtu_exceeded 9 3 info flow forward Packets lengths exceeded MTUflow_ipfrag_frag 18 6 info flow ipfrag IP fragments transmitted There is no drop.All devices through the way has m...

PanIst by L3 Networker
  • 2553 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks