Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 160 Views
  • 0 replies
  • 0 Likes

PA5410 Version 10.2.4 not allow to set offload to true

Hello
We are detecting sporadic CPU spikes on a FW 5410 version 10.2.4 , the average is fine however, we observe sporadic spikes of 95% 96% ...100%. Before with the old FW model we did not have this problem and we have not changed any configuration.

W

...

Alpalo by L4 Transporter
  • 1020 Views
  • 2 replies
  • 0 Likes

TCP-RST-FROM-CLIENT and TCS-RST-FROM-SERVER

Hi All, 

 

As captioned in subject, would like to get some clarity on the tcp-rst-from-client and tcp-rst-from-server session end reasons on monitor traffic.

 

Even with successful communication between User's source IP and Dst IP, we are seeing tcp-rst-

...

Jimmy20 by L2 Linker
  • 217559 Views
  • 6 replies
  • 2 Likes

Support account with personal email?

Purchased a 440 lab unit for my personal lab through my previous employer who is no longer in business (and inaccessible email) so I need to now register it with my own personal email but am having trouble. Trying to study for PCNSE after getting my

...

VK9H13 by L2 Linker
  • 671 Views
  • 1 replies
  • 1 Likes

Upgrade VM-Series model - VM100 to VM300

Hello.

I have as a goal to upgrade the palo alto firewall from VM100 to VM300.

 

I am in a process of understanding the process, so I am wondering if I could get some assistance from this forum.

Thank you in advance.

 

Going through the guide

Upgrade

...

alwi by L0 Member
  • 884 Views
  • 1 replies
  • 0 Likes

Cloud Identity Engine

While attempting to synchronize an on-premises server with Cloud Identity Engine, we encountered the following error

 

Confirm the domain name configured on the agent matches the Canonical Name of the domain controller to ensure Cloud Identity Engine

...

Screenshot 2023-05-24 221725.png
Screenshot 2023-05-24 221635.png

VPN Site-to-Site Private IP and Public IP

VPN Site-to-Site Private IP and Public IP

Good afternoon everyone, is it possible to set up a Site-to-Site VPN between a site with a Palo Alto Private IP and a Palo Alto Public IP.


Site Privado: PaloAlto---IpWan-192.168.1.254---Router/Modem--------Inte

...

Metgatz by L4 Transporter
  • 5404 Views
  • 7 replies
  • 0 Likes

SD-WAN Hub and Branch PANOS versions

Is there a requirement for PANOS version to match for SD-WAN or for the Hub site to be of a higher version of PANOS.

 

Example: Hub is on version 10.2.4, Branch is on 10.2.6

 

Would there be any issue with this?

teaton by L0 Member
  • 507 Views
  • 1 replies
  • 0 Likes

GP stops working when ecmp is enabled

We have Palo Alto firewall with three Internet links. One is a leased line and other two are ADSL links. I have configured ECMP on the two ADSL lines to load balance traffic on the two ADSL links. Global Protect is configured on the leased line. I ha

...

Dijesh by L1 Bithead
  • 2281 Views
  • 11 replies
  • 0 Likes

Resolved! Received Suspicious alerts "-- MARK --"


We are receiving suspicious alert from Palo Alto firewall on syslog server. how to stop receive these alerts. 


<46>Oct 24 05:50:14 PA-3020 -- MARK --
<46>Oct 24 06:10:14 PA-3020 -- MARK --
<46>Oct 24 06:50:14 PA-3020 -- MARK –

Karthi_N by L1 Bithead
  • 1352 Views
  • 2 replies
  • 0 Likes

Resolved! Self-Signed Certificate Issues

Hello everyone,

 

I am trying to make a self-signed cert for use with Global-Protect in my lab. I go into Device, Certificates, Generate, give the cert a name, Root_GP_Cert, common name of 192.168.189.155 which is the WAN side IP Address. Click the C

...

GWynn by L3 Networker
  • 3241 Views
  • 2 replies
  • 0 Likes

Stateful Session rely on interface or Zone

Hi There,

  Currently, I'm testing redundancy for vWire pair. I have replicated the existing vWire and sub-interface configuration to another couple of interfaces. Now both the vWire pairs have identical configurations including the zone. I anticipat

...

  • 23595 Posts
  • 107 Subscriptions
Top Liked Authors
Labels