This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

BGP Across Two Data Centers

hey all, we have a customer who currently has two PA-2050 nodes setup with HA at one location.they would like to split the pair and have one PA-2050 at Site1 and the other at Site2 ... setup as Active/Standby.There would be two private L2 networks between them - one for the HA/keepalive and the other to tie in the inside interfaces.each pa-2050 ...

RHO by L0 Member
  • 2566 Views
  • 1 replies
  • 0 Likes

tcp-fin and aged out

I know there are timeouts set for different application is there a reason other that session table information. Is there any risk? Is it the firewall that is closing a connection? If so what would it close a active connection? Is there a security reason why you should make the time outs longer?

jdprovine by L4 Transporter
  • 7350 Views
  • 3 replies
  • 0 Likes

Object Names and IP Addresses

I've run across an interesting "feature" in working with the Palo Alto system. I'm converting from the Checkpoint platform and have found a feature that I use in the Checkpoint all the time, but don't have available in the Palo Alto Panorama. If you type the IP address of an object, but that address is not part of the name, you won't be able t...

User-ID for Exchange Permission Issue

Hi All,I'm running an agent-based User-ID setup against three AD DCs and two Exchange CAS servers. Unfortunately, despite having the Event Log Reader permission, I cannot seem to get data from the Exchange servers. I am successfully getting data from the DCs, but the Exchange servers always show either Connecting or Connecting (A required priv...

HA question

Hi,In an HA pair does the passive HA unit also generate the canned predefined reports? Or only the active HA unit?Thanks,Emma

Problems with ms lync / url filtering

Hi all,I am trying to get lync2013 working, and more specifically Skype for Business, successor of Lync. I have Lync 2013 completely working, but I would like to permit all the wildcards permitted through url filtering, linked to a number of applications as Stun, ssl, mslync,... After this rule , there are also other url filtering rules, for exa...

Time stamp of traffic/threat/url logs are 3 minutes into the future?

Threat logs, traffic logs, url filtering logs are all in the future by 3-4 minutes where everything else has the correct time from the ntp server. The dashboard shows the correct time and what's interesting is that the Configuration and System logs show the correct time (same one as in Dashboard - General Information) yet as you can see the Logs...

zbierskik by Not applicable
  • 2677 Views
  • 1 replies
  • 0 Likes

Resolved! Data plane User-ID mappings empty

We currently have a pair 5020s using LDAP for User-ID - up until about a week ago it was working.I can see in the logs that the mappings are taking place, and the management plane mappings are there, however the data plane table is empty.This is causing drops on policies which have User-ID as a stipulation.Any ideas?

VPN Tunnel between static Palo Alto and dynamic Fortigate

What is the exact settings in order to establish a VPN tunnel between a Palo Alto firewall that has static WAN IP address and a Fortigate that has Dynamic WAN IP address?If both has static IP address, the tunnel works.If Fortigate has dynamic WAN address, I cannot get the VPN working. I tried aggressive mode on both sides. Palo Alto log keeps ...

Not understanding "WildFire: Automatically Detect and Prevent Unknown Threats"

First of all I'm very impressed with Palo Alto's firewall, I'm definitely a "fan", however we purchased a wildfire subscription under this premise:WildFireTM simplifies an organization’s response to the most dangerous threats, automatically detecting unknown malware and quickly preventing threats before an enterprise is compromised. Unlike legac...

HIPmatch IP?

Palo currently emails me the hipmatch alert and includes the internal IP that globalprotect assigned it. How do I get the public IP that the user came from in the hipmatch alert email?I know I can manually find it via the interface (which shows both the internal and external IP for users) but since hipmatch is emailing the internal IP field, how...

ulti by L3 Networker
  • 2140 Views
  • 2 replies
  • 0 Likes

Resolved! Captive Portal logs

HelloDoes anybody know how can I get some logs to check how many times a specific user was authenticated via Captive Portal?Is it possible ?Thanks in advance!!!

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks