This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! Dual ISP Branch Office with PA HA (2 PA with HA Configured

I see examples of using 2 ISPs with one PA. I also see that senario with Global Connect, Lad Balancing and IPSec Tunnels. However, I do not see where it states these types of senario's can be used in a PA-200 HA senario. Can anyone shead some light on using Dual ISP's with HA Palo Alto Firewalls. I know the fail-over is different on the PA-200,...

Resolved! Palo Alto Configuration Using CLI

Hello, My question is as follows: If I make changes (ruleset, objects, etc.) from the command line, how do I get those changes to show up in the GUI? What if by chance someone else is working in the GUI; what happens to my changes if a save and commit is done? Or, if I perform a save and commit? Situation: Brand new firewall is installed and in...

jasfree by L1 Bithead
  • 3171 Views
  • 3 replies
  • 0 Likes

Resolved! PAN 0S 7.1.1 Mode active/passive Still Display Not Synchronized

Hello After Upgrading To 7.1.1 The 2 devices PA-500 mode Active/Passive. The display keep Not Synchronized. The command -show job id x- for HA sync display OK (no warnings). The command -show high-availability state-synchronization- show all synchronized except A/A session stup A/A session stats and A/Packet (I am in A/P so it is normal). Is It ...

plebras by L1 Bithead
  • 8525 Views
  • 9 replies
  • 0 Likes

Revert back a 6 OS from 7 OS

Has anyone had to revert back from an upgrade? Especial from 7 OS from a 6 OS? If so how did you do it and how easy was it? I am preparing to move from 6.1.10 to 7.06 and I want to make sure that I cover every possible scenario. Luckily I have a secondary that I can try it on first. Can you revert back and reinstall the previous OS that you upg...

jdprovine by L4 Transporter
  • 4266 Views
  • 7 replies
  • 0 Likes

about ssl decryption error

Hi there, recently we have implemented ssl decryption in our network , But Chrome comes up with "ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION"

Resolved! VPNC + PAN-OS 7.1

Does anyone use vpnc (As in the linux ipsec client) with xauth connecting to a PA? We have a bunch o' PA's which we are in the middle of upgrading to 7.1 however once an upgrade from 7.0.6 to 7.1 is done, VPNC will no longer connect. Downgrading back to 7.0.6 again allows VPNC to connect. The error in the logs is (ISAKMP_N_ATTRIBUTES_NOT_SUP...

New to the Palo Alto platform and have a migration question

I am fairly new to the company I work for and have inherited a network that has two ISP's with two firewalls. One firewall is an older ASA and the other is a small Sonicwall. I have pretty good experience with the ASA platform. However, the Sonicwall is new. They currently have a DMZ configured on the Sonicwall using something called "Tran...

fcrooks by L1 Bithead
  • 6090 Views
  • 8 replies
  • 0 Likes

What's the best way to permit app on non-standard port?

For instance, web browsing on port 8080. I don't want to just set the service as I also want to use port 80 and there are other apps in the rule and I'd like to use app-default as the service. I defined a custom app with web-browsing as the parent and the port as tcp/8080. That worked until I upgraded to 7.1.2 and then it broke. I'm aware t...

Behaviour app override

Hi, we are having an issue using app override. 1) We have created a custom app for Oracle (without timeout). Using these ports: tcp1521-1541. This is the config This is the app override policy: This is the security policy (app any and ports involved in this app 1533 and 60xxx): Service profile for ports open in this ORACLE connectio...

App customized.jpg
appoverride.jpg
reglaaplica.jpg
ports high.jpg

Clearing Traffic Log

Running 7.0.6 on 7050's I cleared traffic logs and lost connectivity to management sever and took about 30 min after restart of mgmt sever for traffic logs to reappear . Is this normal. Which log file has info on managemt disconnect files/reason info.? Log Reevier logs showed LPC card shut down as well but wasn tsure if that would equally cause...

system alert high opaque: websrvr: Exited

After we upgraded from 7.0.6 to 7.1.2 in one go we started receiving this error message. Does anyone know what causes this ? We are running active/active on 3050's domain: 1 receive_time: 2016/06/02 10:25:41 serial: 001701002580 seqno: 2017446 actionflags: 0x0 type: SYSTEM subtype: general config_ver: 0 time_generated: 2016/06/02 10:25:41 dg_hie...

Nested Policies Suggestion

Not really sure where to put this, but thought it might be a good idea and wanted to share it. Im still rather new to PA and so far I am enjoying it! However, I noticed after a while of creating and editing security policies it becomes quite a mess and difficult to manage. I believe if there is a way to create folders or nested security policies...

aimet by L0 Member
  • 2163 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks