This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Panorama Using Groups in Policy

Hi Team, When i am trying to add the Group i dont see it as a group but as a User in the policy i am creating in the Panorama. May i know what could be the issue? Regards, Sanjay S

Resolved! PA1410 new install with ZTP disabled but still has ztp references.

Hi All, so we are in the process of deploying a few brand new PA 1410's out the box. during initial bootup the field engineer connects with the console cable, and is then asked to install either ZTP mode or standard mode. engineer selects standard mode and proceed.. all good. once mgmt IP is configured i can then connect remotely and do the conf...

PA_nts by L4 Transporter
  • 15932 Views
  • 3 replies
  • 0 Likes

Map IP Addresses to Users - Azure-AD Cloud Identity User ID

Map IP Addresses to Users - Azure-AD Cloud Identity User ID Good afternoon, thank you for your time and cooperation. I understand that it is possible to apply the Mapping of groups, etc, but example: If I have Workstations integrated to Azure AD totally in cloud, no on-premises AD server, none, just added to the domain in Azure of the endp...

Metgatz by L4 Transporter
  • 4453 Views
  • 3 replies
  • 0 Likes

Resolved! frame_ancestors_missing

Hi I run a regular scan on our equipment from a public source and I am seeing the following vuln being flagged against the URL that is used for our Palo devices and I was hoping someone would have an answer as there's not much information out there. The Analysis refers to: Site Does Not Use Best Practices Against Embedding of Malicious Conten...

Destination NAT with multiple server.

Hello Team, I have configured destination NAT in my environment with one server.Now i can see the number of users increases and too much traffic i am getting in one server, so i want to configure 2 more server with the same services.For example:- If user 1 want to connect my destination it will translate to 10.0.0.1If user 2 want to connect my d...

Jafar_Hussain_0-1587638994562.jpeg

URL Filter Inline Categorization SLOW/DELAY - troubleshooting?

Since updating to PAN-OS 10.2.8 (and subsequently 10.2.9-h1), we've had numerous complaints of slow website access. Outside of the firewall it works fine. I've since narrowed it down to a problem or issue with the URL Filtering Inline Categorization engine. Is there a way to troubleshoot what the hang-up is? Logs seem to tell me very little...

Resolved! Upgrading from 850s to 1410s.

Hello All! I am upgrading from 850s managed by Panorama to 1410s, managed by the same Panorama. No new interface configs, just a simple cable swap. Is there a procedure for this? Is it as simple as plugging in the new 1410s, attaching to panorama, pushing the same policy and config out to the 1410s, then swapping cables over to the new 141...

RonClark by L0 Member
  • 2264 Views
  • 1 replies
  • 0 Likes

Resolved! Scheduled Policy not terminating existing session

Hello everybody, I have a PA-220 and setup a rule that my children cannot access the internet after 8pm. This is working but only for new sessions. Existing sessions like TeamSpeak or BattleNet started before 8pm are still open. Can I somehow kill also existing sessions? Thank you

Dispaying object name in traffic monitoring

Hi, I would like to know if it's possible to display object name associated to each address in traffic logs. I cant find it in any columns but i'm wondering if there is another way to do it. In fact, we want to organise the logs to have a better visibility. Thank you

thkarim by L1 Bithead
  • 6913 Views
  • 9 replies
  • 0 Likes

setting up multiple internet connections

Translator Translator Hi everyone. I have a PA-220 firewall. It is currently connected via interface 1/8 to an internet connection that I will soon have to discontinue, and which I will call GW1 here.At the same time I activated a new internet connection that I will call GW2, connected to interface 1/7 of the firewall...

gnesper by L2 Linker
  • 5624 Views
  • 14 replies
  • 0 Likes

No logs in the monitor > traffic tab?

Hello All,1.) I have just installed Palo Alto 7.1 in Eve-NG, and made two interfaces as Vwire with zone Trust and Untrust.2.) I am able to access access everthing (e.g. internet, ping, etc.) hence policies are working fine as I have created a policy to allow everything from Trust to Untrust. However I am not able to see any Traffic logs in the...

no logs.png

Update Panorama

Did not found any email to write Palo alto PAN-OS developers that hence writing here on feedback on palo alto Panorama update. After finishing update panorama then against the version we update it gives option of "Re-Install" by clicking on that it starts reinstalling and subsequently firewall reboots. Suggestion and request - please put con...

Resolved! Port forwarding through ipsec tunnel

Hello, I have two Pa-440's. One 440 has a public static ip and the other is just dhcp as of right now. I do a site to site to site vpn working between them. I setup an original port forward on the public static ip device to a local host and it worked great. Now, I moved that host to a subnet on the public dhcp firewall. I tried s...

IPSec IKEv2 multiple events per second

Hello everyone, I see many events per second for a site-to-site IPSec tunnel and am unsure if it's normal. The below events have a severity level of informational but go over and over in a second. My question is, is it normal? if not, where should I look to fix it? What can be wrong? ikev2-nego-child-startikev2-nego-ike-startipsec-key-delete...

BGP Advertising prefix to same AS it was learned from.

I'm working on a VRF-centric DC model that utilizes a PA as the firewall platform between VRFs. One of the snags I'm hitting is that if a route is learned from R1 on an AS (say 65001), and is advertised via eBGP to the PA (AS 65002), the PA won't even attempt to advertise it to R2 (Really R1, in VRF AF - AS 65001). I can work around this by spoo...

Tyler_C by L1 Bithead
  • 21783 Views
  • 15 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks