This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Global Protect Portal/Gateway infrastructure

hello I would like to add a new IP address to create a new GP portal/gateway the IP Address I have been given by the provider is not available to select as an IP Address I created a tunnel and configured an IP address but that has not solved the issue Q what has to be configured for the new public IP address to be selectable ? thank you

S.Byrne by L3 Networker
  • 1047 Views
  • 1 replies
  • 0 Likes

high availability

hello I have 2 x 440 series to configure for HA active/standby I plan to use ethernet 1/5 , 6 , 7 & 8 for the Data & Control links I have connected the interfaces to test when I select interfaces under "HA Communications" only the management interface is available in dropdown -- the other ethernet interfaces are not available as an op...

S.Byrne by L3 Networker
  • 2603 Views
  • 5 replies
  • 0 Likes

Intregate Captive Portal Palo Alto with Aruba clearpass

Hi Expert , I would like to know about intregate authen captive portal itself for identify byod of palo alto with clear pass the clear pass have pull information with ldap my question is below - Palo alto can connect just clear pass for authen ? with out directly connect ldap - how can deploy cert with client to avoid warning cert can us...

Resolved! Action=Allow while NATDestinationIP=0.0.0.0

Hello, I am not a firewall administrator I am an analyst who reports alerts on suspicious behavior based on indicators of compromise matches, mostly related to ransomware and IP addresses with bad reputation. I have a big doubt because I always generate the alerts from the SIEM starting from the Action=allow field but I have noticed as you c...

JuanLondono1_0-1714499856570.png

Resolved! Ping Failed (aged out)

Hello friends, I configured site-to-site vpn between two firewalls and the ping from network behind firewall (internal network) to other internal network is failed (timeout) while the traffic shows allowed in the firewall logs. The Tunnel is Up and Green status. The configuration is the same on both firewalls and straightforward. Policy allows...

Hayder by L0 Member
  • 2615 Views
  • 2 replies
  • 0 Likes

Resolved! Can't create case, get salesforce error (ever since my day 1)

I can get logged in to https://support.paloaltonetworks.com, but when I attempt to create a new case I get a Salesforce error: https://supportcases.paloaltonetworks.com/_nc_external/identity/saml/SamlErrorSingle Sign-On Error We can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help. What do I do? I h...

pbrosthp by L0 Member
  • 1644 Views
  • 1 replies
  • 0 Likes

PBF with NAT, how does it works?

Hi GuysAccording to document , if there's destination NAT , there'll be second routing lookup to decide outbound zone & interface. But I'm very confused when there's routing and PBF together, In the second routing lookup, how does PBF rule work? Does PBF work based on Pre-NAT destination address or Post-NAT destination address? According to ...

JTR by Not applicable
  • 13701 Views
  • 4 replies
  • 0 Likes

Resolved! Type=Deny while Action=Allow

When opening iOS Facebook app I''m unable to play a movie... however, from the same device if I login to facbook via browser I can play the video.I'm trying to find out why the iOS App is getting blocked, as my policies clearly allow it.Rule iPhones: Iphone Rule allowing all traffic Log when using Facebook via Chrome Log when using Facebook v...

iPhone Policy.JPG
Traffic Allowed.JPG
Blocked Traffic.JPG
Decryption Policy.JPG
Hwinter by L2 Linker
  • 21735 Views
  • 4 replies
  • 1 Likes

Palo Alto Clearpass integration disconnecting

We are looking to utilize Cleaspass sending information to ours Palos for the purpose of user-id. We have this applied in some test groups but we are running into an issue where after a few days the connection appears to time out and the Palos stop received user-id information from Clearpass. There are no errors in the Palos system logs, Clear...

Claw4609 by L5 Sessionator
  • 1641 Views
  • 2 replies
  • 0 Likes

Resolved! PAN NGFW carbon footprint

Hello, I'm searching for informations about environmental impact of NGFW. Is there a benchmark for the carbon footprint of Palo Alto physical firewalls?Measurements such as the footprint of the production of a firewall, daily electricity consumption? Thanks for your help.

Panorama MGMT interface option - Public IP ?

Hi Question about configuring Panorama management interface. Why is there a "Public IP" under the management interface? "IF" we would set a public IP on the panorama, dont we configure it under IP Adress + Netmask + gateway? Why is there a "Public IP" option field first? I searched and read the guides but nothing about a public ip is spoke...

AnderSL by L1 Bithead
  • 2125 Views
  • 2 replies
  • 0 Likes

Resolved! Find the source for "DNS amplification attack response"

Hello, We receive many "DNS amplification attack response" alerts with the source of our internal DNS servers toward public DNS servers on the Internet. How can we know whether these alerts are not false positives and if they are true positive, how to find the main endpoint responsible for this type of attack? Thank you all 🙂

Help support

Dear Palo alto family, I face some difficulty to ping internet on DMZ , i am trying to configure a security policy DMZ_to_Public/ WAN but still i didn't ping 8.8.8.8 in DMZ switch and didn't ping in firewalls itself also. Help me to solve this issue pls

Zola12 by L1 Bithead
  • 1669 Views
  • 3 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks