This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Resolved! DMZ Web Server Access Setup

Hello Community, I have set up a lab environment shown in the below below that is meant to allow access from 192.168.1.X to the sever 10.2.2.1 using static NAT ip address 192.168.1.251 I have configured everything as demonstrated in the CBT Nugget see below for the NAT and Security Policies However, the policy wont

IMAGE.png
NAT POLICY.png
Security Policy.png

Blocking brute force SSH to firewall

For various business reasons I need to allow SSH directly to a PA-3020 to manage the unit. Is there a way to apply a vulenerability policy to this traffic so that I can block bruteforce attacks? Thanks Dustin

dscott98 by L0 Member
  • 5686 Views
  • 3 replies
  • 0 Likes

Resolved! How Passive FTP is filtered in Palo Alto

Hi Guys, I know application FTP covers both Passive and Active FTP. However, my question is how it filters the traffic. I mean how a server Intiating a connection to the client will be filtered and allowed. Can anyone help.

yadsingh by L2 Linker
  • 13273 Views
  • 3 replies
  • 0 Likes

Can I Obtain the CVE in the PA event Log

We have numerous PA firewalls that alert for vulnerabilities. I also have a product that scans for vulnerabilities in my network. The scanning device has CVE numbers in its events. The PA has PA's unique identifier in its event. Is there a way for me to pull in the CVE into the Pans threat event so I can correlate the PANs threat events to my ex...

Error after Upgrading to 6.1.10

I upgraded our Panorama and two PA3020's in a HA setup this morning. Afterwords I am getting the following errors committing from Panorama to our PA3020's. Details: . Configuration committed successfully Warnings: . vsys1 (vsys1) . Warning: NAT DIPP rule Source-NAT-Rules: Needed translated addresses space after multplying oversubscrition...

stjones by L0 Member
  • 4318 Views
  • 1 replies
  • 0 Likes

Syslog parser

Hi all, do you know if it is possible to use the syslog parser to obtain device information (for instance Operating system) and use this info in security rules?. I am using the syslog parser to obtain the IP-User mapping and it works perfectly, now I would like to obtain more info from the log. I know that the device info is available if you use...

ssancho by L2 Linker
  • 2702 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama HA Status

Hello everyone, When I have 2 firewalls in an HA state after a few minutes my primary device gets a Non-functional (Drive error detected). I normally fix this by suspending the local device on my passive firewall. Is there a way to keep both devices up with out having to manually reset the local device. Thanks, Jeff

Resolved! forming firewall HA in a panorama managed environment

we have a panorama managed firewall and we push objects from panorama to it . we are considering to make a HA firewall setup . as per articles from PaloAlto , Panorama objects are not being synchronized.Question 1 : Should we add secondary firewall to Panorama prior to forming HA cluster and ensure it's completely synced up ? Question 2 : Is the...

User-ID Agentless question

Is there a reason why with Agentless User-ID I still never see any logs in Monitor? As shown below it definitaely is working but traffice logs do not sohw user-ids. I have a any any policy and user-id box is checked on the zones. ANy ideas? I ahve agent on a 2012 server I do see in logs ia se failed to connecr to LDAP but def its working from ...

Error upgrading PA200

hi, We have a PA200 in version 6.1.0 and we install the versions 6.1.11 but we receive this error: "Failed to install 61.11 with following errors. SW version is 6.1.11 Error: At least one local superuser should be defined in Administrator. Failed to install version 6.1.11 type panos." We have created 3 local superuser admins. so we dont kn...

Resolved! Using ECMP and path monitoring

Hi all, Does anybody try to configure ECMP ? I did and it works perfectly. Only one question: on which condition, palo stop sending traffic through one of the ECMP gateway ? I tried many config but the only one working is to shut the palo interface. Mean there is no path monitoring ? Waht's happen id the telco link is done ? What's happ...

VinceM by L5 Sessionator
  • 8100 Views
  • 6 replies
  • 0 Likes

Resolved! Issues with Webpages Hanging

Hi All, I'm new to Palo Alto and have been having issues with content loading on my network. Across the network, webpages that are being loaded in browser will periodically hang and as soon as the user refreshes them they load right away. Also video streaming and image viewing applications appear to behave the same way in that a user will try ...

HA1 interface was down during 1 second by restarting connection after heartbeat failure.

Hello, I wathched strange logs. Hence I would like to get your help. Please look at the following logs. PA missed 4 pings then restaring connection. So HA1 interface was down during 1 second. I remember take-over just happen after missed 4 pings. Probably, I have never seen the log for restarting connection. Was something on default behavior...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks