This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4248 Views
  • 0 replies
  • 0 Likes

VPN tunnel is getting dropped

we are seeing tunnel drop with below error message.IKE phase-1 SA is deleted SA: 1.1.1.1[500]-2.2.2.2[500] cookie:191098e4ef6db35d:eba9ee89ff200b07

transition from trial to purchased license

Hi All, We are in a scenario where we are running firewalls on trial licenses. We have purchased the licenses. Can you help me with following queries :1. When firewall transition from trial -> purchased license, will firewall drop the network traffic ? 2. Any recommendation on scheduling downtime for it ?

BRI-IT by L0 Member
  • 884 Views
  • 1 replies
  • 0 Likes

Resolved! 2 Tunnel With 2 IP Public. Secondary one is filtered ?

I have two IPSec tunnels with 2 ISPs:ISP 1 is PrimaryISP 2 is Secondarywith a Failover scheme. But when I set the metric for ISP 1 to 10 and ISP 2 to 200, it seems that the public IP of the second ISP cannot ping the second tunnel's peer gateway, with a message saying the packet is filtered. How can I configure it to keep both tunnels active, ...

ariiero by L1 Bithead
  • 1846 Views
  • 2 replies
  • 0 Likes

URL logs missing for Traffic through alert only URL category / profile.

Hi All, Software Version 11.1.2-h3 We have a strange situation: Some URL filtering log entries for valid visits to web sites are missing. The traffic goes through a security rule which has a URL filtering profile with only alert and block categories. We have both Pan-db and Advanced URL filtering licenses. We can see the traffic in ...

Resolved! VM PA Firewall on esxi

Hi Team, I am trying to install a vm pa firewall on esxi host. Downloaded the ova of 11.2.0 base image and installed. When I configure management interface it comes up. But none of the data plane interfaces are coming up. Reinstalled once again and still the same. I see many people reinstalled and it worked. From the esxi side security policy s...

Change of models managed by panorama

Cordial greetings Team I currently have a PA 220 managed from panorama and we want to upgrade it to a PA440. The idea is to keep the same configurations of the 220 device in the 440. The question is, how should this process of device change be done? We have added the new device to panorama and when adding the same template and DG that the 220 ha...

aalfaro by L2 Linker
  • 5486 Views
  • 9 replies
  • 0 Likes

Pre-established BGP connection to HA?

All,I'm looking to set up established BGP connections from the upstream routers (Cisco Nexus) to the HA unit in our A/P setup for faster failover times, and to not make it look weird when trying to determine if adjacencies are up to the primary unit from the router side. I know there's some things that can be established, LACP and the like, but ...

Resolved! DNS sinkhole , some questions

I'm a SOC analyst, and we receive firewall logs regarding DNS sinkhole alerts. I'm trying to understand them better. I have received multiple logs of this type, and I want to make sure I understand them correctly. In this log, the domain that was queried was "s.w.org," right? I received multiple logs, and "generic:sr7pv7n5x.com" was present in a...

Brand new PA-1040 interface 1 & 2 in red link state problem

Dear All, I got a brand new PA-1040, and i have choice standard mode rather than ZTP mode from the beginning and i found that interface 1 & 2 are in red link state, even i connect a network cable into these port and i still see there is no green light show in the PA portal just wonder is there is something to do with the ZTP...

piaakit by L1 Bithead
  • 1169 Views
  • 1 replies
  • 0 Likes

Resolved! pa-450 software no update information available

Hi, I installed new pa-450 on 10.1.3 from config exported from pa-820 on sw version 9. Device is registered properly. Dynamic updates work without any problems. All licenses are resolved properly from license server and applied properly. During software update I have info: no update information available During GlobalProtect Client update simila...

bkrajnik by L1 Bithead
  • 6543 Views
  • 2 replies
  • 0 Likes

Firewall in Not Ready state after Factory Reset

Howdy! I recently inherited a PA-5050 from work for my homelab, and I go to try and configure it, but I notice that the firewall states that it isn't ready, and whenever I try committing a change, it says All daemons are not available. It was in a working production environment before I took it, so I doubt hardware issue. Its running PAN-OS 8.1....

physicsprop_0-1689401846537.png
physicsprop_1-1689401871580.png
physicsprop_2-1689401888474.png

Running SSH commands

We have a used Palo alto PA-3050 and with a support of someone in this community have configured the management IP address and default gateway. We have used the web interface to configure DNS. The device is running PANOS 9.1.15-h1 and we understand there is a 11.2 version. The issue we are having is that we have a C++ agent that uses SSH to conn...

andrewk by L0 Member
  • 1960 Views
  • 3 replies
  • 0 Likes

Panorama restore from HyperV replica

Dear awesome ppl, I was wondering if anyone done any Disaster Recovery for Panorama? I would like to pull the entire HyperV VM from our backup..to restore Panorama virtual appliance..don't really want to get rebuild with the config file as Sdwan ZTP will need to have pre-shared key renewed... Thanks for input. John

Resolved! PAN OS Upgradation

Hello Team, I am planning to upgrade my Palo alto device which model number is PA-4050, current software running on that firewall is 5.0.11. I need to upgrade that in N-1 version could you please suggest the upgradation path so that I can download required images and store in my Jump box. Regards, Akshay

ANilawar by L1 Bithead
  • 3425 Views
  • 4 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks