This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Resolved! Subsecond failover with active/passive firewalls running dynamic routing possible?

Has anyone been able to successfully get subsecond failovers to work with active/passive firewalls running dynamic routing protocols such as BGP or OSPF? In our lab testing, it appears we can get the firewall to failover instantly, but then it takes BGP a few seconds to drop/re-establish. Our next testing will be OSPF to see if that helps spee...

jmurphy by L2 Linker
  • 4021 Views
  • 1 replies
  • 0 Likes

Software packet buffer depletion

We're currently observing something quite interesting:On our highly oversized PA-5050 firewall, software packet buffer 0 is, for several hours a day exhausted. This is the platform (pair that runs in High Avalailability A/P):family: 5000model: PA-5050sw-version: 7.0.4 This is the anomaly: > debug dataplane pool statistics Software Pools[ ...

Dulle by L2 Linker
  • 10149 Views
  • 6 replies
  • 0 Likes

Resolved! OSPF with redundant route

Hello. Currently we use OSPF as our routing protocol between five locations over a layer two IP Ethernet network provided by telco A. In order to get carrier diverse routes and add redundancy we are adding a second similar network provided by Telco B. We have a single “normal” (not stub or NSSA) OSPF area with a metric of 10 and a single redistr...

ldavie by L2 Linker
  • 5783 Views
  • 3 replies
  • 0 Likes

Resolved! CVE-2014-6271 Shellshock rules blocking Sharepoint traffic?

This morning our PAs began blocking internal Sharepoint document access with App-ID 36995. The traffic that is blocked is coming from IE11 + Windows 7 clients. I'm not sure why this bash vulnerability is being flagged as affecting Windows servers + clients in this case. Anyone have ideas?

Resolved! Multiple Addresses in the same ethernet interface

Hello everyone. I need to publish 2 webservers (192.168.23.10 and 192.168.23.11), both located inside my LAN (trusted zone) through 2 different public IP addresses (200.111.111.114 and 200.111.111.115). This is the configuration: admin@PA-500# show network interface ethernet ethernet1/1 ethernet1/1 { layer3 { ipv6 { neighbor-disc...

Resolved! Block google accounts

Hi, can You help with following question?: In my policies i want allow google base searching, but do not allow google accounts,or google apps.

Resolved! Import PA-500 config on PA-3020?

We have a 500 that we're replacing with a 3020 which arrived today. Should I need to do anything to migrate the config across other than an export and import of the running config? I know some things like ports will clearly need addressing but in terms of getting the base config across is there anything I need to be particularly aware of ple...

Resolved! GP Client IP/Route Assignment

Hello, I am having an issue with some clients when they connect remotely via the global protect client. Everything is working on most of the PC's who try to connect, but some users are receiving the issue. Here is the log of where the problem occurs : (T3584) 03/08/16 13:04:49:394 Debug(2280): Adapter friendly name is: Local Area Conn...

Resolved! User Activity Report for Managers

Management has asked for a weekly summary of department web activity on our new PA-500. I created a User Activity Report for each department but these reports are not conscise and difficult to read, especially for managers who would like a summary. Our old device had a group report of user web traffic that had graphs with helpful info like ...

MikeGill by L1 Bithead
  • 9758 Views
  • 5 replies
  • 0 Likes

how to combine layer2 and layer3 on a single port

5050 at ver 6.1.9 Hello all! You may want to sit down for this one. We have a core router that conects to a single layer 3 10GB port on a 5050 as the internet gateway. The 5050 also has several server netwks attached via 1gb ports. Again these ports are layer 3 and act as the gateway for these networks.. All connections on the 5050 are now lay...

vnt90 by L2 Linker
  • 11174 Views
  • 12 replies
  • 0 Likes

Resolved! Question about Palo Alto Networks Security Advisory (PAN-SA-2016-0004)

Hello, I have a question about this advisory. I would like to know the meaning about "prior" in releases affected. that "prior" means affected release is the inmediatly prior or all series of version (5.0.X, 6.0.X, 6.1.X, 7.0.X) ? Products Affected PAN-OS releases 5.0.17, 6.0.12, 6.1.9, 7.0.5 and prior Available Updates PAN-OS releases 5.0.1...

SOC_CSG by L4 Transporter
  • 2395 Views
  • 1 replies
  • 0 Likes

Palo Alto logs shown differently

Hi All, I have a query regarding Log monitoring. The logs for one user shows the entire subnet, where as for another user it shows that particular IP. May I know the reason behind it. Is there any setting that need to be changed or is it due to permissions.

Rravella by L0 Member
  • 2291 Views
  • 1 replies
  • 0 Likes

Max virtual routers?

Take the 3020 for example which can have a max of 10 virtual routers. Is that 10 VR's per vsys or 10 shared between any/all vsys's you have on the box?

mplewis2 by L0 Member
  • 3455 Views
  • 1 replies
  • 0 Likes
  • 24381 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks