This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4473 Views
  • 0 replies
  • 0 Likes

DSCP marking over ipsec VPN

Hello,I inherited a network with 4 sites connected together via 3 PA-500's and a PA-2020. We have implemented Lync for VOIP and I'm having issues getting packets to retain their tags across the VPN (internal to the tunnel is all I want) I can't seem to find any documentation talking about DSCP/COS/IP Precedence tags anywhere in the documentation...

traty by Not applicable
  • 7576 Views
  • 4 replies
  • 0 Likes

Filtering Systemlog

I'd like to filter the log in order to get lines containing e.g. "BSS".It works when filtering the description column : ( description contains 'IKE protocol IPSec SA delete message received from peer. SPI:0xAB229BB0.' )It works when filtering the object column: ( object eq P1_012_BSS_EISEN )It does not work when filtering with "CONTAINS" ( obj...

rkra by L2 Linker
  • 3302 Views
  • 2 replies
  • 0 Likes

Packet capture filters

Hello.Does anyone else have problems with defining filters for packet capture in WebUI?If I understand correctly (there is no info about this in official documentation) all values in the same filter are logically connected with 'AND' operator. And logical operation between different filters is 'OR'.So if I want to monitor all traffic between 2 h...

santonic by L6 Presenter
  • 7489 Views
  • 6 replies
  • 0 Likes

Can not access management by WebUI

I can not access palo alto by web management https://xxx.xxx.xxx.xxxWhen I login,it redirect to page login again.I can access ssh and I see patition root is use 100%.

BaNk by L1 Bithead
  • 4227 Views
  • 2 replies
  • 0 Likes

ssl decryption certificate

HI FRIENDS,Now days i am facing a challenge ssl decryption certificate. i have a create a ssl decryption policy for block few App -ID after SSL decryption we got certificate error client side any suggestion???RegardsSatish

Satish by L4 Transporter
  • 4585 Views
  • 7 replies
  • 0 Likes

Resolved! Panorama template push on production devices

I have an environment where there are Palo Alto firewalls already deployed and in production (mix of PA-200's & PA-500's), I am building the templates but I want to make sure that when I push them out the templates won't wipe out the management interface settings or settings that are left blank in the template on Panorama. I have looked thro...

ericv by Not applicable
  • 22190 Views
  • 4 replies
  • 1 Likes

AD interation and recently created user - problem

HelloI'm using user ID with agents on DC. Today I got strange problem.I created new user and I try to logon to GP portal and user GP client. Everytime I got in logs invalid username or password.I know:>debug user-id refresh group-mapping all (non-intrusive command)This command will only fetch the delta/ difference value from the active direc...

_slv_ by L4 Transporter
  • 2993 Views
  • 2 replies
  • 0 Likes

TS Agent 6.0.3 on Windows Server 2012

Hi all,this is my environment:PA3020 PANOS 6.0.23 Terminal Servers running on Windows Server 2012 R2 Datacencer, each one having PA TS Agent 6.0.3-8 onboard.Documentation states that Windows Server 2012 is supported by TS Agent starting from 6.0.2, it's been a very long time I was waiting for this, till now I've tried previous versions of TS Age...

Resolved! User Identification

Hi all,I'm just trying to wrap my head around the finer points of using the built-in user-id agent to query our AD logs instead of having a user-id agent on each DC. I've got this working in our environment, but I'm having a few connect-server-monitor-failure events come through. n I still have the connect frequency set to the default 2 seconds...

QoS Best Practices - complete concept/configuration - big picture for QoS

Hi there,I already read the QoS in PAN-OS 4.1 document and the QoS section in the Panorama Administrator's Guide 6.0 (English).But there a still big question marks hovering over my head. :smileyconfused:The examples show only one use case/qos-profile at one time: "QoS for a Single User" or "QoS for Voice and Video Applications" or "restrict down...

Future start log entry

Noticed a lot of traffic from one machine, went to investigate and found a LOT of traffic.2111 Petabytes.Strange glitch? Or does one of my users have a time machine?

holtcg by L1 Bithead
  • 2837 Views
  • 3 replies
  • 0 Likes

Resolved! Remove access report

Is it possible to create a report of users that access the network using the global connect client?

infotech by L4 Transporter
  • 6034 Views
  • 8 replies
  • 0 Likes

How do you verify the threat prevention throughput?

hello,I would like to seek your help in determining the exact threat prevention through of a specific deployed PA machine.I've been going around the forum and checking tech guides but i couldn't find one.This for the reason of right sizing and to verify if a machine deployed could still be able to handle the network traffic.Or if you have any su...

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks