This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 778 Views
  • 0 replies
  • 0 Likes

Monitor session end reason

Hello,

How to check what was the reason behind session end? I mean it could be RST, FIN or timeout from firewall.

Regards,

ifpilm

ifpilm by L1 Bithead
  • 2631 Views
  • 2 replies
  • 0 Likes

Tunnel Monitor Configuration question

Operation CommitResult Failed
DetailsIPSec tunnel #NAME enabled tunnel monitoring while binding to tunnel interface tunnel which has no IP address assigned to it yet.

I receive this error when configuring a tunnel monitor to the IPSec tunnel. I'm guess

...

rking13 by L1 Bithead
  • 4398 Views
  • 4 replies
  • 0 Likes

IPSEC Tunnels and HA Failover

Hello,

In a scenario with two palo alto firewalls where the active firewall fails over to the passive firewall, if there are IPSEC tunnels established are they suppose to automatically come up on the second firewall when the failover occurs or do we

...

MarkTan by L2 Linker
  • 4681 Views
  • 3 replies
  • 0 Likes

dynamic address group

Hi,

when adding an dynamic address gorup with a lot of criteria(each or criterias not and)

is there a way to learn which criteria related to which ip address.

when using command " show object dynamic-address-group all" I cannot understand which ip is re

...

panos by L6 Presenter
  • 2303 Views
  • 2 replies
  • 0 Likes

VPN to dynamic (ddns) destination

I have a VPN setup to a destination that using ddns to keep the hostname across IP changes. This works fine as long as the remote end is initiating the tunnel, but it seems the PA cannot be configured to be able to also *initiate* the tunnel:

When the

...

ctr_ts by L1 Bithead
  • 3299 Views
  • 2 replies
  • 0 Likes

SFTP Timeout

We are experiencing a timeout across SFTP; while SSH seems to be set to timeout at 120 hours, SFTP transfers are timing out at the 1 hour marker.

Is this an expected result? And if so, can we adjust the timeout for SFTP specifically?

Thank you.

CalvinR by Not applicable
  • 2997 Views
  • 1 replies
  • 0 Likes

Resolved! Software Upgrade

Hi Everyone - I have a 4050 HA pair (4.0.12), 2050 HA pair (5.0.1) and several 500's (5.0.3).  I am looking to upgrade the software on all firewalls but have had issues (typically high CPU and memory issues) with all these versions of code.  Can you

...

ROUTING INTER VSYS

Hello ,

I need to route users between more than 2 VSYS. do you know if it's possible to route packet between more than 2 VSYS. PACKET IN-> VSYS1 -> VSYS2->VSYS3-> out. What is the limitation for the routing inter VSYS

thks for your help!

ALex

alle by L3 Networker
  • 3732 Views
  • 3 replies
  • 0 Likes

User-ID Agent not reconnecting after network outage?

We had a strange issue today.

We had a network outage which basically meant that all our DCs that run the User-ID agent were still running, and our PAN was still running, but there was no LAN between the DCs and the management interface on the PAN.

The

...

Resolved! Proxy-Arp behavior and NAT's

Hi All,

This problem is a little confusing to explain but I will do my best to lay this out.  Keep in mind I have changed the IP addresses to keep examples simple.

I have a Palo Alto 2020 with a basic configuration.  One internet connection and One LAN

...

Resolved! Can't logon to web interface after 6.0 upgrade

Hi All,

Anybody having toruble logging on to the web interface after upgrade to PAN OS 6.0.

I can visit the web interface and then type my UN and PWD that seem to be accepted but then I am redirected to the login screen again after clicking submit.

If I

...

JAG by L1 Bithead
  • 2041 Views
  • 1 replies
  • 0 Likes

Scheduled Log Export doesn't accept new SSH host key

Hi everyone,

today I reinstalled our syslog server which we use to archive the traffic logs of our PA-3020s (amongst some other things) and didn't import the old server's ssh host keys.

After updating the configuration for the Scheduled Log Export in t

...

AnneB by L0 Member
  • 4435 Views
  • 1 replies
  • 0 Likes

Resolved! EOL Dates

Official product EOL and EOS dates are these posted somewhere?

amansour by L4 Transporter
  • 4191 Views
  • 2 replies
  • 0 Likes

Palo Alto Scan Clients for Antivirus

Hello,

I have a quick question regarding the capabilities of the Palo Alto's. In this scenario, we want to be able to deny computers who connect via SSL VPN (GlobalProtect) access to the network if they do not have antivirus on their machines. Can Pa

...

MarkTan by L2 Linker
  • 4843 Views
  • 3 replies
  • 0 Likes

Reports - strange behavior (source host name)

Hello

Last time I spent a lot of time to customize reports under my requirements.

I realized some strange for me behaviour in custom reports.

If the IP has an entry in Policies >Addressses is presented in report with the name from Policies >> Addresses

...

_slv_ by L4 Transporter
  • 2388 Views
  • 3 replies
  • 0 Likes
  • 23986 Posts
  • 115 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks