This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4444 Views
  • 0 replies
  • 0 Likes

high dataplane cpu utilization

Hi, I have PA-2020 which has high dataplane cpu utilization. It is stuck at 100% during business hours. It drops to 25% after work. I suspect too much traffic but is there an easy way to check what sessions/applications are the most cpu intensive? Maybe from CLI? Radoslaw

UMWL by L0 Member
  • 4047 Views
  • 2 replies
  • 1 Likes

Resolved! WildFire Config

I have a question re Wildfire config. When the setting is set to 'forward' it gets sent PA cloud for analysis, provided it finds something bad , I assume it is put into the WF signature and next time the file is seen it gets blocked ? What does the block setting do? Does block any file that is suspects to be questionable?

RC-BHF by L2 Linker
  • 2276 Views
  • 1 replies
  • 0 Likes

Tracking down source of ike-nego-p1-fail-common log entry

We have connected several branch offices using PA200 and PA500 with ipsec tunnels to a PA3020 at our corporate office. The corporate server is registering similare errors twice every 3 seconds. The error: IKE phase-1 negotiation is failed. Couldn't find configuration for IKE phase-1 request for peer IP xxx.xxx.xxx.xxx[52402], ID ipaddr:yyy.yyy...

Resolved! PA 200

What's the best decription for a Palo Alto 200 device? Firewall or Network Security device?

tsadlier by L0 Member
  • 3886 Views
  • 4 replies
  • 0 Likes

Outlook 2010 Clip Art Thumbnails not Displaying

We just switched to PAN DB and are using the PAN to do SSL decryption. The policy i am using also does not have safe search enforcement enabled. What i have tried is, do a packet capture and found the exact uri, exempted that uri from decryption and allowed it on the policy. Added addition domains and urls found on google searches to the sam...

Resolved! Active/Active HA in vwire mode - Link Monitor

When configuring an active/active pair of 5060s in vwire mode, is there a need to configure link monitoring? the 5060s are setting behind an HA pair of Cisco 5585s and want to ensure the Palos failing over will not affect the traffic from the ASAs. I have an HA 3 interface conifgured but since both firewalls will process traffic, is there a ne...

Using Global Protect Internally - Several Questions

I am fairly new to the world of Palo Alto, so I apologize if this is answered elsewhere. My team is looking at an implementation scenario, and I have several questions as a result. I figured this community would be the best place to start. We are currently looking to implement Global Protect internally, as a possible replacement for Cisco NAC ...

Resolved! Acknowledge Traffic Log Threshold Alarms

We recently reached the point where our traffic logs are reaching 90% of quota and alarms are being generated. I understand that this behavior is normal and I do have the option of turning alarms off if I wish. I don't want to turn them off but I see the option to acknowledge them. What I'm wondering is do these acknowledgements ever get purg...

SystemAlarms.jpg
herrmoss by L2 Linker
  • 6477 Views
  • 5 replies
  • 0 Likes

Using wildcard pattern/ regex in URL filter

Hello, I like to exclude subdomains from decryption. Therefore I've created a URL category. But I don't like to exlude all subdomains only specific subdomains. For example: I like to exlude domains starting with "whatsapp" and ending with "facebook.com". So the URL whatsapp-p3-bgp-01-iad3.facebook.com should be exluded from decrypten. But w...

IP confilicting error

Hi We have configured HA pair on our two PA-VM200 Palo alto firewall. Now IP address of my interfaces eth1/1 (inside 10.1.1.1) and eth1/2 ( out side 10.1.1.2) are showing same as primary 10.1.1.1 on both firewalls and I am getting IP confilicting error. Any idea ? Regards,

User-ID Agent Windows 2003 logon events

Hi all, I sometimes have a really hard life mapping domain users with old Windows 2003 forests using UID Agent (no matter if version 6 or 7)) I'll try to explain: when and only when using UID Agent I cannot read all users logon events or, worse, I can't read users at all, ending up having not all domain users transparently mapped and issues with...

GlobalProtect - PW Prompt when LDAP Auth is down.

Hi all, I tried support on this, didn't get much help. I am using PANOS 7.0 and GlobalProtect 2.2.1 I have a couple hundred GlobalProtect clients using Windows. I am using pre-logon (always on) with LDAP authentication. The goal is to have the GlobalProtect clients to stay connected to the gateway at all times, or keep trying to c...

snippet1.png
snippet2.png
snippet3.png
mmclimans by L3 Networker
  • 9832 Views
  • 9 replies
  • 0 Likes

Dual NIC - IP Mapping Issue

This appears to happen at random to a random subset of users.Environment:> 160 AD DCs4x UIAs (2 - 80 DCs / 2 - other 80 DCs)Assume:All possible DCs that a user would authenticate to are being monitored by the agents.Scenario:When users with laptops come into work in the morning, dock and start their computer up. Their computers (Win7) have b...

Auto upgrade on OS

It looks like an upgrade for the os comes out about every other month, has anyone come up with a way to automate the upgrade process and can you recieve email notification of when new os's come out

jdprovine by L4 Transporter
  • 2670 Views
  • 2 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks