This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4106 Views
  • 0 replies
  • 0 Likes

Resolved! EIGRP between routers sitting behind PA site to site VPN

I want to set up a site to site VPN tunnel between PA 3020 and PA 500 to replace existing Cisco equipment. The current equipment is uing EIGRP routing to fail over to VPN from MPLS using 1921 routers. If I put in PAs to handle the VPN traffic in front of the 1921 routers, will the routers still be able to form an EIGRP neighbor and that traffic ...

VPN.PNG

Resolved! Traffig Log database exceeds alarm threshold value(90%) of total allowed size (xxxx) Issue

Hello Community, Actually I have an issue with traffic log alarm. First, I want to know more related to traffic log works. Actually the PA has assingned 32% (38.06 GB) of quota. In the security rules the flag is check in the option "end the session" and these logs, palo alto sends to external syslog server. Why does the traffic log is filling...

Apadilla by L3 Networker
  • 7492 Views
  • 1 replies
  • 0 Likes

User-id not updating mappings fast enough

We have 2 user-agents deployed that read the AD logs and the PA7050's connect to the user-agents. The agents are running 6.0.7-10 and the PA7050's running 6.1.4.We are having a problem where mulitple machines across various networks are using a "generic" login account. We have policies in place on the PA7050's that are enforced on these macihine...

Temperature sensor in PA-4020

Hi guys, Is there anybody, who has PA-4020 with 6.1.x(perfect if it will be 6.1.5 🙂 )? I need some help.First, could you please execute a command:> show system environmentals thermaland share the output? Secondly, ask your box via snmp:snmpwalk -v2c -c COMMUNITY BOX-IP .1.3.6.1.2.1.99.1.1.1.4snmpwalk -v2c -c COMMUNITY BOX-IP .1.3.6.1.2.1.99....

faust by L1 Bithead
  • 3448 Views
  • 2 replies
  • 0 Likes

Resolved! Block known bad TLDs?

My CISO want's to block known bad TLDs (such as .zip or .review) in our Palo. I know how to block specific url(s), but is there any way to block an entire TLD? I'm running into issues blocking *.zip since it will also block legitimate URL traffic that has *.zip* in its URL.

grumpycat by L1 Bithead
  • 11075 Views
  • 10 replies
  • 1 Likes

New dates not available on reports-

When I go to monitor reports and click a report- I can't select any date after July - I created a custom report and can report on information that way but the included reports don't seem to be working. Any suggestions?

Resolved! Default Behavior of QoS

Hello All,Quick question on the default behavior of QoS on the firewalls. Do interfaces on the firewall assume the QoS profile of "default" if I don't specify a QoS profile for the interface? The heart of my question is if I change the guarenteed and max values for the profile as well as class 4, would those values apply by default, or would I...

dan731028 by L3 Networker
  • 5137 Views
  • 4 replies
  • 0 Likes

6.1+ update stops tagged interfaces from working

I tried updating a PA3050 HA active/passive setup from 6.0.10 to 6.1 to eventually go to 7.The update works for both devices, everything seems to be working like it should, except for the tagged subinterfaces of the aggregated interfaces. They simply stopped working. They appear to be up, traffic seems to be allowed through them, but everything ...

Resolved! IP address not displaying correctly

I created a user account that so that the helpdesk can monitor the traffic and threate logs on the palo alto but not make any changes. But when I open up the traffic and threat detail instead of showing the exact IP address for the source and destination it show 95.10.147.0/24 and destination 136.176.56.0/24

024.PNG
jdprovine by L4 Transporter
  • 6340 Views
  • 3 replies
  • 0 Likes

Resolved! Random denial

What would cause traffic that is allowed through one rule to be denied by a rule below it. Shouldn't it just go through the rule allowing it and not even go any further.Odder even still is that traffic is not always denied sometimes it does pass through the rule it is allowed.

jdprovine by L4 Transporter
  • 8208 Views
  • 16 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks