This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Configuring PA-500 - separate access to to different IP addresses

Hello All, I hope that you can help me with one, I would say, common task but I'm unable to find right answer to this.We are using PA-500 and behind it, there is 5 servers. We also using Global Protect for accessing to servers.I need to setup on PA-500 that one specific user need to access only to one specific server, while all other users can a...

How to License PA VM without Internet Access

Hello Community, I have followed the guide on how to Licence PM VM without internet access here https://live.paloaltonetworks.com/t5/Management-Articles/How-to-license-a-Palo-Alto-Networks-VM-Series-firewall-without/ta-p/66178 Everything seems to be going fine, however when try to manually upload license key I get the following error message, se...

license.png

Estimate PANOS 8 Release?

do anyone here have estimate when PANOS 8 release? because my client have existing problem that not resolve and will be resolve on PANOS 8. I forgot to ask TAC about estimate date PANOS 8 release.

User Authentication Profile update for VPN User-ID mapping PANOS 7.0.x

Dear All, i have problem in my VPN user Identification (they cannot login to portal) after there's update/change in my AD server group. I already doing this https://live.paloaltonetworks.com/t5/Configuration-Articles/How-to-Force-User-Group-Mapping-Refresh/ta-p/62597 to force user group mapping refresh. It's work to update my User-ID in my polic...

IBM Notes RPC protocol inspection

Hi,Our customer mandates that traffic crossing a DMZ must be inspected. We need to plan carrying, for old legacy purpose, the NRPC (Notes RPC) protocol which must through the PaloAlto device for inspection.Could anyone confirm whether PaloAlto can inspect this proprietary protocol as long as we don't encrypt it please?Many Thanks,Olivier Gaubert

VM-100 Not recognizing users from Cisco Wireless Lan Controller

Hi guys, Has anyone managed to successfully have their VM-100/Palo recognise the SNMP authentication requests from the Cisco LAN Controller to use for User-ID? I have followed the below document but to no avail. https://live.paloaltonetworks.com/t5/Integration-Articles/Use-Syslog-Receiver-to-Integrate-with-Cisco-Wireless-Controller/ta-p/52824 T...

Resolved! PA-200 DHCP Server across Interfaces

Is there a way on a PA-200 to setup port 1/2 and 1/3 with the same DHCP server access that is setup on port 1/4? Currently we have port 1/1 as Untrust, port 1/4 as Trust, and now we have a request to configure 1/2 and 1/3 as access ports for the Trust network. Getting Ports 1/2 and 1/3 access into the trust interface was easy but I can't figure ...

BPry by Cyber Elite
  • 7184 Views
  • 7 replies
  • 0 Likes

VPN with overlapping subnets

We have recently acquired 3 companies and all are using 192.168.1.0/24 as their local subnet. Now in a perfect world I could just go on-site and and change the addresses, but as well all know it's not and they have critical services running on AS400 systems that need to remain online during the transition. So here is where NAT comes in. I nee...

nthen by L3 Networker
  • 8934 Views
  • 6 replies
  • 1 Likes

ID 3805790 and 3805788 DNS lookup

Hello looking for more information on these Threat ID 3805790 and 3805788. In the monitor--> threat -->Type Field is showing up as spywareAttacker Field IP is private ip address Victim Field IP is public ip address. Victim Field public IP address is not the same and it does not match what shows up in the Name Field. The Victim Field IP add...

Bazar IPsec with Xauth RSA issue

A couple months ago I noticed my VPN on my phone stopeed working. I was originally using CM 12.1 but have since moved to mashmellow touchwiz for my Galaxy S5. Def not phone related as the issue remains, and is the same no matter what phone or OS versino being used and I'll provide some infra info before decussing the issue. I have two ISP, confi...

Zewwy by L3 Networker
  • 3126 Views
  • 2 replies
  • 0 Likes

Resolved! Deactivate the Licenses

Hi Guys, A quick question? If l am going to deactivate a licenses on the box does it mean that the time will stop on them. So when l will re-activate them later in a couple of months licenses will become active from the deactivation time/period? Can l activate auth codes to the same device/boxes?Also, when the licenses actually becoming active/v...

Block download\upload file from web based email

Hi, I've tried to set a new rule that will block download\upload file from web based email.The problem is that when user downlod files from outlook.com (for example) the service is not recognize as "web based email".Any suggsestions? Thank you!

Erez by L1 Bithead
  • 4729 Views
  • 4 replies
  • 0 Likes

User to IP mapping issues while connecting to WIFI(wireless)

Scenario: User comes to office connects to LAN. The user to IP mapping works correctly.We allow access to internet based on usernames.User disconnects the Ethernet cable and goes to different room where he connects with wifi.However loses internet connection. Because user to IP mapping is still with old LAN IP. What are the best practices to avo...

HA Failover in a Multi Vsys environment

I am currently setting up HA in a multi vsys environment, cant seem to find any documentation on the subject. Currently I have a HA pair of 5050's with 3 vsys, HA has been setup but how do I ensure when vsys1 fails it is the only system that fails over and not vsys2 and 3? HA has been setup with data link and control link and I am monitoring the...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks