This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Rest API and import

I need to add a lot of addresses (around 10,000) to my firewalls. I have them in a list and have created a script to add them one at a time. The problem is that this takes a long time. I then tried to add them all, but my URI was too long. So now I can add about 50 at a time. It still takes a while.I also know that with the import command I...

hkp by Not applicable
  • 12937 Views
  • 9 replies
  • 0 Likes

Logging into Management UI causes network latency

Can someone else please test this? Run a continuous ping to a PA200, log into the PA200's management UI, did the pings response times increase? Or drop?We are noticing this on about 5 different remote PA200's. They are all on 6.0.6. Some are on DSL and some on cable. Response times jump from 20-40ms to 900-1000ms, and some time out.

jambulo by L4 Transporter
  • 3942 Views
  • 4 replies
  • 0 Likes

Resolved! Traffic Visualization to find high bandwidth usage

We currently use PA-500 routers at all of our locations. Is there a quick way to either visualize or get a report on traffic usage? Ideally, we'd like to be able to at a glance see what IP is maxing out our bandwidth when we start running low on internet or VPN bandwidth.We did try experimenting with Pan(w)achrome, but we didn't have any luck g...

fkao by L0 Member
  • 11347 Views
  • 6 replies
  • 0 Likes

Resolved! Active session traffic seems invisible to ACC. Any way to see bytes transferred of active sessions in a period of time? (Not using network monitor)

Here's the scenario:1) 1 week ago, a session from 10.1.1.1 and 10.2.2.2 is established. Normally, data transfer is very low.2) Within that session, 100GB of data is suddenly transferred one day between 6pm and 7pm, pegging the site's Internet bandwidth.3) The data transfer becomes very low again after the burst. The session doesn't terminate...

RyanF by L2 Linker
  • 9034 Views
  • 5 replies
  • 0 Likes

Performance issues with a particular site

Hello,I'm having some performance issues with a particular site. I opened a case, but I thought I would pick people's brains here.I'm working my way backwards from the client out to the edge of our network to see if there's any obvious issues on my end. Is there any diagnostics or fact finding to determine if my PA3020 is showing any performan...

ICarder by L1 Bithead
  • 5925 Views
  • 8 replies
  • 0 Likes

Applications using non standard ports - Palo Alto best practice

Ok I'm pretty sure this has been covered elsewhere however I cannot find anything on it. Let me give you some background on the config: Currently using software version 6.0.5SSL decryption in operationTrust to Untrust traffic flow directionOk so I have a rule called "Trust Web Traffic". This rule allows any trust user to any untrust destinati...

Resolved! Site-to-Site VPN - Palo alto to Cisco Router issue

Hi guys,I'm doing a POC for S2S VPN but i cannot get it to work, I'm sure this is a simple thing i have overlooked, a ping from PC2 to PC1, the ping is encapsulated and encrypted ESP on the way over to PC1, but the return traffic is not..... i have the following topology;Now i have set up a site to site VPN from the PA to R2 with the following a...

What are these mysterious pcaps?

Hello,I've noticed a boatload of application-pcaps - between 5-15k, on days where they are captured. There are captures from most days, but not every day.As far as I know, I don't have any traffic captures enabled. All of the following show that captures are disabled:1. debug dataplane packet-diag show setting (capture and logs disabled on all...

Block specific Shared Folder

Is there a way to block access to a specific shared folder of a file server?I need to block the Access from a network , but only one shared folder of a file server.

Resolved! Moving rules

Does anyone know of a faster way to move rules within a policy other than using the buttons at the bottom of the GUI?These are quite cumbersome in a large policy.

Dz3015 by L4 Transporter
  • 5476 Views
  • 5 replies
  • 0 Likes

Resolved! Filtering disable rules in policy window

I know you can filter rules you are viewing in the policy window on many aspects but can you filter out any disabled rules so you are only looking at active ones?Is there a regex guide for the filtering in this window?Thanks

Dz3015 by L4 Transporter
  • 8477 Views
  • 3 replies
  • 0 Likes

About 2 Terabyte Local disk limitation of Panorama.

Hi, After VMware ESXi 5.5 or later ,the maximum supported VMDK size on an VMFS-5 datastore is increased to 62 T. Does it mean that Panorama can utilize more than 2 Terabyte with local disk but not to mount a NFS partition ?Have somebody try this ?Best RegardsEugene Tsai

Resolved! antivirus block action for mail protocols

Hey guys,at a customer's location we have a PA for evaluation. Now we found that 2 viruses have been reported via SMTP. The AV policy was set to block for smtp. Now the question is, how has this been treated. In the ACE exam there was the correct answer that it only alerts even if it set to block, but maybe this has changed in panos 5.0.6? Would...

vertical by L2 Linker
  • 7663 Views
  • 4 replies
  • 0 Likes

Problems creating IPSec VPN to Cisco ASA

Hi,I have been having difficulties trying to configure an IPSec tunnel between a PA500 and Cisco ASA. I can get the tunnel up as it show's as green under the IPSec section however no traffic seems to flow through the tunnel and there is no connectivity. I am essentially using the IPSec VPN to allow a GRE tunnel from a partner companies router ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks