This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Interal Architecture of the fpga / asic for pa hardware models

Hi,I've been searching for documentation on the internal architecture for pa5000 series (pa5050 to be precise). I've not been able to find it however. I'm especially interested in how the fysical interfaces are connected what the throughput of the different asic's are (if there is any sort of over subscription). Can anyone help me?With Kind rega...

SSL Inbound decryption and nginx webserver

Hello,I try to configure nginx 1.6.2 (on linux ubuntu server 14.04 LTS) with fully support SSL Inbound decryption.We're running PAN-OS 6.0.9.Based on the document Inbound SSL Decryption Not Working Due to Unsupported Cipher Suites, I configure this on my nginx.conf:ssl_ciphers "AES256-SHA256:AES128-SHA256:RC4-SHA:RC4-MD5:DES-CBC3-SHA:AES256-SHA:...

ctovazzi by L1 Bithead
  • 5248 Views
  • 4 replies
  • 0 Likes

GP gateway drops to SSL and client gets disconnected..?

Hi all -- I just noticed an odd behavior affecting all GP clients (running on PA200, PANOS 6.0.3, GP Client 2.0.3), but I haven't changed anything recently.In looking at the System log, I see users connecting successfully ('portal user auth succ', 'portal client config gen', 'gateway user auth succ', 'gateway user login succ', 'gateway client co...

thatguy by L2 Linker
  • 8953 Views
  • 6 replies
  • 0 Likes

Floating IP and ARP load sharing addresses binding in A/A

Hello All,I'm curious about spending public IP pool given by my ISP, if I decide to put PAN-s in front edge perimeter. I have seen that in A/A scenario I need 4 IP's (physical and virtual) for Floating IP scenario, or 3 for ARP load sharing (2 physical and one virtual-shared IP). Am I right or some other way could be used in active/active scena...

Tician by L3 Networker
  • 3300 Views
  • 1 replies
  • 0 Likes

Aggregate logs on PA-7050 across NPCs?

Hi,I'm trying to aggregate logs across all dps in the system – right now only 2x NPC.Using the procedure here: https://live.paloaltonetworks.com/docs/DOC-3876, the firewall says "packet-diag.log is aggregated” but where is it? Does that aggregated log encompass all slots? When they try to tail or less dp-log pan_packet_diag.log to view the outpu...

Resolved! PANORAMA CHANGE HARDWARE

Hello world,I must change a cluster PA2050 by PA5020 (with the same configuration) and this PA are Managed by Panorama. ( all policies objects are created on Panorama but not policies)Somebody know how to make this change? which steps?thanks for your helpRegards

alle by L3 Networker
  • 7342 Views
  • 5 replies
  • 0 Likes

Resolved! What really mean logs of dp-log and mp-log?

Hi All.I want to know really means that logs of dp-log and mp-log as below. I think that logs would be very useful for troubleshoot when problem occur. please give me that logs info in detail.admin@UQUEST_PANOS40_PA2050> less dp-log brdagent.log dp-monitor.log dp-monitor.log.1 dp-monitor.log.2 dp-monitor.log.3 dp-mon...

ttongfly by L3 Networker
  • 16233 Views
  • 3 replies
  • 0 Likes

Aruba ClearPass and User-ID

We use 802.1X on our network for user authentication and assigning VLANs dynamically. Our edge switches (Brocade) and Aruba Controller are configured to use Aruba ClearPass to authenticate each user. ClearPass uses LDAP (freeIPA) to look up users. ClearPass is currently configured to pass user to IP mappings to the PA via the API. My problem is ...

SHA256 forward decryption on Palo Alto Networks Firewall PanOS 5.0.15

I have a private subordinate CA signed using sha256. This is my forward decryption certificate. The trust anchor is also sha256.With forward decryption enabled on my PanOS5.0.15 device, the certificates generated by the firewall are signed using sha1, even when the websites real certificate is signed using sha256.The current changes made by Go...

EdwinD by L3 Networker
  • 4836 Views
  • 1 replies
  • 0 Likes

Panorama and Active/Active Setup

I'm setting up two 7050's in an active/active configuration. What is the best method to handle this with Panorama? Right now I only have one of them in there and it seems like only one of the nodes is getting my config changes even though I have config sync turned on.

Resolved! Block pornographic Google images.

I have URL filtering configured that blocks pornography, but if I search in Google for pornography and then click on images, pornographic images are accessible. I know that I can block these in Chrome browser, but how do I block them as a policy via the firewall?

JeffC_ by Not applicable
  • 10569 Views
  • 7 replies
  • 0 Likes

Global Protect Problems on a Mac

Running Global Protect version 2.1.0-50 on a Macbook Pro with OS X and Yosemite. Connecting to a PA-500 running PANOS 4.1.8.When I finish using my Mac for the day, I put it in Sleep mode so that it starts up again instantly. But if the VPN through Global Protect is active at the time and I forget to Disconnect, it gets locked up and there's no w...

dehrmann by Not applicable
  • 4939 Views
  • 3 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks