This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

User-ID Agentless question

Is there a reason why with Agentless User-ID I still never see any logs in Monitor? As shown below it definitaely is working but traffice logs do not sohw user-ids. I have a any any policy and user-id box is checked on the zones. ANy ideas? I ahve agent on a 2012 server I do see in logs ia se failed to connecr to LDAP but def its working from ...

Error upgrading PA200

hi, We have a PA200 in version 6.1.0 and we install the versions 6.1.11 but we receive this error: "Failed to install 61.11 with following errors. SW version is 6.1.11 Error: At least one local superuser should be defined in Administrator. Failed to install version 6.1.11 type panos." We have created 3 local superuser admins. so we dont kn...

Resolved! Using ECMP and path monitoring

Hi all, Does anybody try to configure ECMP ? I did and it works perfectly. Only one question: on which condition, palo stop sending traffic through one of the ECMP gateway ? I tried many config but the only one working is to shut the palo interface. Mean there is no path monitoring ? Waht's happen id the telco link is done ? What's happ...

VinceM by L5 Sessionator
  • 8001 Views
  • 6 replies
  • 0 Likes

Resolved! Issues with Webpages Hanging

Hi All, I'm new to Palo Alto and have been having issues with content loading on my network. Across the network, webpages that are being loaded in browser will periodically hang and as soon as the user refreshes them they load right away. Also video streaming and image viewing applications appear to behave the same way in that a user will try ...

HA1 interface was down during 1 second by restarting connection after heartbeat failure.

Hello, I wathched strange logs. Hence I would like to get your help. Please look at the following logs. PA missed 4 pings then restaring connection. So HA1 interface was down during 1 second. I remember take-over just happen after missed 4 pings. Probably, I have never seen the log for restarting connection. Was something on default behavior...

Resolved! How to configure NAT for untagged subinterfaces?

I'm trying to set up a fairly simple configuration where we have our separate wired and wireless networks connecting to the internet via one shared interface eth1/1Basically, I am attempting to replicate the configuration here https://live.paloaltonetworks.com/docs/DOC-1884 (but with only 2 local networks, not 3). This document stresses that exp...

Resolved! ACC 7.0 - App usage by IP

Im not finding the way to see the application usage by IP on the new 7.0 ACC. For example in the old ACC when i click in one of the top App (for example SSL) it send me to a new page that shows me the top sources and top destination for that application. In ACC 7.0 it doesn´t look like that.

aprync by L0 Member
  • 3930 Views
  • 4 replies
  • 0 Likes

Requiring "Continue" to download PE executables?

How have people done this in practise? We would like to prompt people so they have to choose "continue" to download PE executable files. I know this only applies to "web-browsing" but when I test this, a Google Chrome update shows as "web-browsing" and isn't interactive so the user doesn't get the prompt to continue, nor does the update down...

Panorama admin authentication and Admin Roles

Hello, Is there a best practices guide regarding Panorama Admin roles that includes the pros and cons of using Radius vs Active Directory or even TACACS+ to authenticate Firewall/Network admins. What are other large Enterprise environments doing? Goals: 1. Minimize account administration in multiple locations 2. As we already have strong A...

Best 7 OS version

I am planning on moving to the best version of the 7 OS next month any one have a preferred version or any gotcha's to avoid?

jdprovine by L4 Transporter
  • 3058 Views
  • 4 replies
  • 0 Likes

About throughput performance with only url filtering

Hello, I have questions. I know throuhput performance is half when using Threat Prevention. If we would use only url filtering, how is PA's throughput performance? Is it same when using TP or only using application? And If we would use only file blocking, how about? I think if url-filtering and file-blocking use signature-match-chip, it wo...

Resolved! DBL Formatting

We're having an issue getting firewalls running PANOS 6.1 and 7.0 to consume the DBL's created by Minemeld output nodes. None of the output node URL's end with .txt, which appears to be a requirement according to the live documents below. However, .txt cannot be added to the output node name in Minemeld. Is there some configuration we're missing...

nbilal by L3 Networker
  • 32284 Views
  • 14 replies
  • 0 Likes

Resolved! Complex User-ID Scenario... Ideas? Solutions?

Hey all -I work for a very large global organization. Our design for User-ID is such that some locations can use the UID Agent, others can't - and so they use the Agentless, on-box UID. One issue we have is that we have thousands of what we call "common" and "job" (or, process) accounts that some people use to access remote machines from their...

Error updating Panorama to 5.1.0

Hi, we have installed the version 5.1.0 in Panorama and changed the values (LSI,RAM,SO) in VM, but when we restart the VM the panorama is not going up. CMS withouth credentials is not working. Maintenance mode shows this: What could we do???

panorama.jpg
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks