This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Dynamic Updates Problemes

From this night with last dynamic update of Applications and Threats the detection of private IP's in Geo IP location changed from origin private IP to unknown. Does anyone have the same issue? Since this morning with last dynamic update of Applications and Threats we have massive connection problems and we are clutching at straws.

Resolved! Two Global protect Portals on one gateway - possible?

Folks.I have a need to implement certificate based login for most of our corporate PC's to Global protect - so they pre-login and get domain scripts etc when the remote users logon.However, I also have a number of PC's which aren;t corporate owned (and, as such, I can't push certificates to) which still need to be able to login just using userna...

darren_g by L4 Transporter
  • 8780 Views
  • 7 replies
  • 0 Likes

Resolved! IP Mappings Disappear Too Soon in log

Hi, We have two PA-3020 in HA state, PAN-OS is 5.0.4 and we have configured 4 User-ID Agents (for now, in this troubleshoot stage, we are focused on only one agent).Problem is in IP – user mapping. Sometimes in logs we see user and in very next moment the field for username is blank. The problem is equivalent with section IP Mappings are Created...

Resolved! What happens when a User-ID agent restarts?

I have been using the agentless user-id but it seems to be overloading my firewalls so I am moving to a separate agent. I am trying to decide whether I need one or two though and need to understand what happens when an agent restarts.When it loses the agent, does the firewall drop all its user mappings?When the agent comes back does it drip-fee...

djr by L4 Transporter
  • 6739 Views
  • 6 replies
  • 0 Likes

Web Interface access from Internet

I have PA-200 connected to Internet , but mgmt interface disconnected right now. Do I have to piggyback mgmt to one of remaining Ethernet interfaces in order to get access to web interface from Internet ? Plus port forward rule ?Let me know

niuk by L3 Networker
  • 9472 Views
  • 17 replies
  • 0 Likes

Question On NAT Configuration

Hello All,I have a PA-200 at home, sitting behind a Comcast modem, that hands out a single DHCP address.I also have a Meraki Z1 VPN device associated with work, that I have behind the PA-200. The Meraki requires that the source port not be translated, when attempting to contact the Meraki cloud concentrator. The Defualy Source NAT gives me an e...

Resolved! SSL Decryption - getting spoof cert out to BYOD personal devices

We are in the process of setting up SSL decryption. We have a BYOD wireless network that needs to have SSL decryption turned on. Students can connect with their personal devices, so we need to be able to block Facebook, porn, etc.that are coming in over HTTPS. We've got it working with organization-owned equipment but are having hang-ups with...

dannon by L3 Networker
  • 12359 Views
  • 8 replies
  • 0 Likes

No GUI Access: FW-6.1.0: Session Time Out

I have a PA-200 with 6.1.0. I can SSH in fine to mgmt. When I try GUI, I get to the login page. When I login with correct credentials it says Session Timed Out. I think it's a disk space issue. When I show system disk-space SDA2 is at 100%. Everything looked to still be working fine behind the scenes, ie traffic flow until I did a full rest...

Access only to Office 365

Hi,We have many client computers with no internet access (only intranet and email).Since we are migrating our email to Office 365, client computers need access to Office 365 (via Outlook and Web browser). Not only mail services, but also licensing, onedrive, ... - the full scope of MS Office 365 services.How can we achieve that?Thanks.

spopovic by Not applicable
  • 9294 Views
  • 8 replies
  • 0 Likes

Resolved! PBF failover happens but users still unable to browse

hi,i have a pa-3020 with two ISP links, my PBF configuration as follows :for testing when we disable the link for ISP-1 it did a failover but actually no internet browsing, on the NAT there is already two nat policy for each ISP but it did not trigger the nat untill i moved the nat policy for ISP-2 on top then only it works, any hint where could...

No Wireless ?

It looks like none of PA has wireless (nothing on PA-200 or PA-500) , am I correct ? It's very disappoining

niuk by L3 Networker
  • 2457 Views
  • 2 replies
  • 0 Likes

Portal Status Connection initializing

I'm using LSVPN, after rebooting my satellite I can see Portal Status Connection initializing (Network->IPsec Tunnels->Gateway Info) But nothing happens, in the capture I don't even see actual traffic to portal even if I try to reconnect manually. Please advise

niuk by L3 Networker
  • 4606 Views
  • 3 replies
  • 0 Likes

Resolved! scheduled report - problem

HelloI have group of reports that are gnerated every week.Every custom report I tested using "run now"before I let them work scheduled.My report looks like:and the output:but output from pdf that I got on email:as You can see, the "Name" and "ID" column is missing.My small investigation give some dubt. Why this (and one before) report has differ...

_slv_ by L4 Transporter
  • 3559 Views
  • 3 replies
  • 0 Likes

Windows DNS Server behind PA

Did a PA install last night, the client had a public facing DNS server. the DNS server had a public IP before we moved it behind PA to nat it. while it was outside firewall with public IP the DNS queries from internet worked fine without any issues. Once we moved it behind PA and gave it static one-to-one nat with proper security policies for dn...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks