General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! CVE-2026-0229 and 11.2.7-h4

We are running version 11.2.7-h4 with Advanced DNS Security feature. This is hitting vuln CVE-2026-0229. https://security.paloaltonetworks.com/CVE-2026-0229 Has anyone upgraded ro a later version of 11.2.x ? What would you recommend?

Panorama 11.1 Recommended AWS Instance Size

Running Panorama that manages two firewalls in a small deployment, the current instance size is c5.4xlarge, which I believe is excessive for CPU and memory usage. Is it okay to use a different instance size, like m6i.2xlarge or smaller? I understand the documentation recommends 16 CPUs and 64GB RAM for 11.1 and later. https://docs.paloaltonetw...

Resolved! L3 Subinterface Traffic's Not Passing

Hi Team, Seeking for you advise, or your input that one my recent setup. I have made the Palo L3 subinterface for three VLAN's and the firewall port have been connected with Cisco L2 switch and the port of cisco has configured with trunk. After made the above, i can see the switch in the firewall connected interface, the VLAN details are apper...

Palo Alto Webinars

Hi,I've attended two Palo Alto webinars:- PAN-OS 10.1 Expert-Led Webinar on the 10th of February- Live upgrade demo on the 18th of FebruaryI was told we would be given the video recordings and slides from these webinars, but I don't know where they are. The tutors were saying the recordings would be available on the Live community page, but I ca...

Badbox malware

Hi, Our ISP keeps alerting us that we have a malware infection with something called android.badbox somewhere on our network but the source as they see it is our DNS server. They've provided the DNS query which they're seeing (for an A record) but we don't have the facility to log client queries on our DNS system. We've searched the paloalto thr...

Address Group and Tag limitations

The necessary firewall rules for each application are defined by labels. If a workstation needs access to it, the label is requested and assigned (XML-API), so each Workstation has its own set of firewall rules. I tried implementing this requirement using different approaches, but unfortunately, everything failed due to several limitations. Fir...

HeinzP by L1 Bithead
  • 2195 Views
  • 7 replies
  • 0 Likes

Palo Alto - Barracuda IPsec VPN problems

We've a IPsec-VPN IKEv2 between Palo Alto (10.0.7) and Barracuda (8.0.5-0341) with 10 IPsec tunnels, one VPN-tunnel per subnet-pair, on Palo side "proxy IDs".At least once every day, some of these ipsec-tunnels go down and can only be forced to come up again with manual "initiate" on Barracuda.The Palo Alto is set to passive.Normally, every 35 -...

ChrisCon by L2 Linker
  • 19387 Views
  • 13 replies
  • 0 Likes

Cortex - many aged-out connections on 35.244.133.254

Hello,We are experiencing a high number of aged-out connections from our Cortex agents and brokers on 35.244.133.254.When the connection is successful, the app-id traps-management-service is detected by our firewall.Do you also encounter this behavior?Thanks !

RezhoPsq by L0 Member
  • 948 Views
  • 2 replies
  • 0 Likes

how can we confirm if there is existing firewall rule or not in the policy by filtering by source and destination IP address and port numbers.

I can find existing firewall rule in the Firewall policy by searching by just source IP address or Just Destination IP address but our Firewall policy rule base is huge and i need to filter it by Source IP and destination IP address (both) and possibly by port number as well , (Just like Checkpoint). can someone kindly share screenshot of this, ...

Need help uninstalling Cortex XDR

Hi, I am looking to get help on uninstalling Cortex XDR from my personal machine. I have tried creating an account and opening a support ticket via https://support.paloaltonetworks.com/, however it just directs me to an error pageI do not have the uninstall password, and the online recommendations to try Password1 for cytool protect disable did ...

Issue with PA-445 Failover - Interface Reset

We just replaced our active-passive PA-850s with PA-445s and have run into an issue when we failover the firewalls. On failover, all the data-plane interfaces on the new active node go down for 20 seconds before coming back up. This is dropping every active connection through the firewall. We did not see this behavior on the PA-850s (failover...

Resolved! No app ID for for WinRM, port 5985?

I am trying to add WinRM to a allowed policy and I am not finding the app for it. Does PA call it something different? I was thinking there was a way to search the app db by port but nothing is coming up.

jeffm by L0 Member
  • 8245 Views
  • 4 replies
  • 0 Likes

Resolved! QoS profiles on Aggregate interfaces

In advance - thank you for your help.I am trying to create a QoS profile. Here is my scenario. I want to apply a QoS profile to a public IP I own to do one of two things. 1 Give it priority over other traffic OR (complete opposite) rate-limit traffic FROM this IP out of my Internet interface on my PA.What I am testing:Created a QoS Profile ca...

ZachSmith by Not applicable
  • 8598 Views
  • 7 replies
  • 0 Likes

Migrate PA-3260 cluster to 3420 (managed by panorama both)

Hi, i have to do this migration. So my steps will be: 1) Install the same version 11.1.x as the old cluster. 2) install licenses 3) add new cluster tu panorama 3) add the device group old cluster to the new one. 5) clone template old cluster to the new one cluster and check the possible interfaces/clusterHA-ID changes to the new cluster. IS th...

BigPalo by L4 Transporter
  • 1071 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels