This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4129 Views
  • 0 replies
  • 0 Likes

What does not get uploaded in Config that needs changed via CLI?

We have a PA-500 that has a bad hard drive in it. We copied the config from the bad device and transferred it to the new RMA device they have sent us. on the GUI all the settings have transferred over just fine and nothing looks different. But when the device is in place we have network issues and it is looking like packets are being dropped (so...

Resolved! NAT based on URL or FQDN

Hi, I want to make a NAT based on a URL or FQDN.I only have one public IP but several URL that I want to NAT to different inside servers.I have this working on a ISA and want to do the same in the PA.I have a PA 500 with 5.0.8.

Protecting private clouds

We are in the process of testing the deployment of Internet-facing services into Azure, such that they are accessible from the public Internet via Azure but have a VPN connection back into our environment. Obviously in this scenario we must rely on Microsoft to protect the public-facing service, which removes all visibility and undermines our in...

KGC by L3 Networker
  • 3581 Views
  • 2 replies
  • 0 Likes

Reputation score based policy? / URL-Filter w/o Threat Prevention

Question1:We're in the middle of evaluating the PAN firewall 5050, and are generally impressed w/ what it can do, in terms of blocking & reporting, etc.One feature we're looking for, but seems to be lacking is the ability to permit / block end users' web browsing based on reputation scores.For example, a website that's normally in the allowe...

huangedmc by Not applicable
  • 4649 Views
  • 3 replies
  • 0 Likes

Google-calendar-base from iOS devices

Hi,I applied an SSL decrypt profile and with no blocking configuration if decryption would fail. Now I notice that on iPad with IOS7.0.x the calendar from google is not working.It appears in the traffic log as decrypted and the application is seen on 443. So looks to be working but it is not updating. Also I see traffic send and received.Somebod...

Resolved! Active Active unique address on DevID 0 and DevID 1

Hello- I am reading through the docs on ActiveActive HA and floating IP. The diagrams show that for intf A there is a10.1.1.253 address on the Active-Primary intf and a 10.1.1.252 on Active Secondary.My question is, how do I configure the different address and ensure its tied to the Active-secondary.thank you in advance,Don

dbrenipc by L3 Networker
  • 3435 Views
  • 2 replies
  • 0 Likes

Palo Alto Software/Threat/AntiVirus Update Policy

Hi,I am having an internet facing firewall which needs to be kept updated with the Threat/AV software. I have configured the service route to use the correct interface for updates. However, it still cant check and download the required updates. As its evident I need to have a policy in place to allow the above traffic. I know what source to use,...

DCN by Not applicable
  • 4565 Views
  • 5 replies
  • 0 Likes

Resolved! How can I edit group entry or delete group using xml-api?

Hello.It is possible to create group and add group entry using XML-API at User-ID. like below.<uid-message><version>1.0</version><type>update</type><payload><groups><entry name="group1"><members><entry name="domain\user1"/><entry name="domain\user2"/></members></entry>...

namok77 by Not applicable
  • 3598 Views
  • 2 replies
  • 0 Likes

Management Interface outside of firewall

Knowing that one does not *usually* put a device management interface outside of the firewall, on the public Internet, in the case of PAN gateways is there any severe problem with this? I have a situation where putting the management of these devices on the private management network would require quite a bit of additional configuration, bandwid...

Resolved! Data filter with SSH proxy decryption

So, I would like to be able to enforce file blocking between our external FTP,sftp,scp server that is published in our DMZ. Users coming into the DMZ are NAT'ed from a public IP space to 172.16.0.0/16 space. I have enabled SSH proxy decryption between the outside and the DMZ interfaces and traffic is being decrypted as shown by the traffic logs....

Resolved! When PA move Active-Passive what problems?

Hello~PA Devices are HA environmentone of them failed disk or temperature raiseDoes PA move other device?because I don't know exactly about moving HALink Fail, Path Fail, HA Link Fail I knowI think that Environment occur alarm(FAN, Disk, Temperature, etc? are there ?I seem to PA move other device

VMware and Paloalto

Anybody had issues with VNware servers and Palalto firewall. Suddenly our webservers not able to communicate from DMZ to internal network where the SQL servers are.Adrian

alupea by L0 Member
  • 1848 Views
  • 1 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks