This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4231 Views
  • 0 replies
  • 0 Likes

Application Dependency Warnings

We have begun the process of globally allowing some applications for the entire enterprise. At this point, these are (fairly) innocuous applications which are largely dependent on web-browsing / ssl. Two questions:1. When verifying if a dependent application is available, does the firewall check the policy from the top down or just rules belo...

PAN-200 and Active Directory - Part II

PAN-200 Software version: 6.0.1 GlobalProtect Agent: 2.0.4 New domain, built on Windows Server 2012 R2.I'm missing _something_. Setup as below and I cannot login with the domain name account to the VPN. It's got to be one .. little .... thing.Device - Setup - Services - Services Features: Service Route Configuration / DestinationDestination: ...

bdunbar by L3 Networker
  • 6295 Views
  • 9 replies
  • 0 Likes

Paloalto firewall placement

Hi, i have customer who bought 2 paloalto firewall, with threat prevention and url filtering licences and i want some advice for the placement of paloalto in the architecture to ensure the maximum of security and deploy all necessary fonctionnality please find in attach the architecture ,knowing that : ASA is used for :- VPN IPSC- managing inte...

atelcom by L3 Networker
  • 8427 Views
  • 13 replies
  • 0 Likes

IPSEC Tunnel Bandwidth Monitoring

Is there a built in function in PANOS to monitor bandwidth across IPSEC tunnels? I can pull snapshots between IP's using ACC, but does not provide flow history similar to what Network Monitor does. Even setting up QOS only gives me the current snapshot.Would NetFlow be able to monitor tunnel traffic?Thanks,Jim

Dynamic "Allow" Lists possible?

Greetings,I'm migrating from regionalized TMG environment, to a distributed Palo Alto design at a great number of sites. One of the banes of our TMG existence is maintaining a list of allowed internet sites that anyone on the network can get to VIA a trust to untrust policy (Even those non-domain devices). Things like HR sites, retirement, heal...

aklugherz by Not applicable
  • 4015 Views
  • 6 replies
  • 0 Likes

Multiple Admins and what happens with a commit?

Hello,If I have multiple admins working on the same PA, when the second admin logs on do they see the first admins candidate config, or do they get a copy of the running config? When a commit is done, does it commit only the changes the admin makes, or the changes from both admins?I understand that the config lock would prevent the second admit...

eosminer by L1 Bithead
  • 3962 Views
  • 3 replies
  • 0 Likes

WGeneric.dilll threat ID (1270326)

Anyone else getting clobbered with Threat ID 1270326 alerts today?Seems to be firing on attempts to download a flash file.Any/all insights appreciated. Tnx! Tomthreatid:Virus/Win32.WGeneric.dilll(1270326)

TomS by L1 Bithead
  • 4115 Views
  • 6 replies
  • 0 Likes

Resolved! PA-500 CLI and web interface unbearably slow

"show system resources" indicates CPU is 80% idle... yet can take 90 seconds to display results. Logging into the web interface can take 60 seconds. Committing insignificant changes can take 5 minutes (Maybe this is excusable). These are not exaggerations.How can I troubleshoot the source of this latency? I'd love to hear an responses such as...

cstech by L2 Linker
  • 12812 Views
  • 11 replies
  • 1 Likes

Resolved! SHA-1 unsupported

Hi all,I apologize if the answer is already there, but we did not find it.Is there any knowledge that the PAN will not support SHA-1 because it is outdated?Thanks,Vesna.

How do I create a report for QoS?

I don't see any canned reports and I don't see a way to create a custom report for this.I need to make sure my QoS rules are working and I can't sit and watch the graphs all day and all night.Mike

mike_cc by Not applicable
  • 2949 Views
  • 2 replies
  • 0 Likes

Resolved! Panorama cluster web certificate

panorama cluster web certificate | Palo Alto Networks Live Hello All, I wanna use our PKI and created certificate for primary Panorama to not get WEB cert. error but I`m not able to do so on standby as it saing:"Configuration changes not allowed on the passive Panorama"Is there any step I`m missing or its not possible to do so?THX for any r...

radp by L1 Bithead
  • 5216 Views
  • 5 replies
  • 0 Likes

reconfigure DNS and PAN3020 firewall

Currently i two AD dns zones in on my DNS server (windows):mycompanydom.com - internal domainmycompanyplan.com - external domain where all our internet webservers and web applications live. my A records in mycompanyplan.com point to internal non routable IPaddress for each internal server so the traffic does not go out the firewall and back in. ...

  • 24357 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks