This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4244 Views
  • 0 replies
  • 0 Likes

Resolved! global protect and admin UI on the same IP from a data plane interface

what appened if you configure global protect and admin UI on the same ip addresson a data plan interface we decide to affect a management profile interface that allow HTTPS and response page.and we affect one IP to this interface.and we use this same IP for portal and the gateway of global protect configuration.is it possible to access to ADMI...

Gregoux by L4 Transporter
  • 2804 Views
  • 1 replies
  • 0 Likes

Resolved! Multiple IP address affected to L3 interface

Hello AllSomebody know whyWhen You add 2 ip address from the same subnet to the same interface Layer 3 ex ; ip 1 : 12.52.36.2/29ip 2: 12.52.36.3/29you obtain an error lijke subnet overlaping to solve that you need to declare one IP in the subnet /29 and the other in subnet /32like IP 1: 12.52.36.2/29and IP 2: 12.52.36.3/32thank

Gregoux by L4 Transporter
  • 10290 Views
  • 3 replies
  • 0 Likes

MigrationTool

Hi,i am new in town. I am trying to convert a Cisco PIX to PA sintax usin the MigrationToolVM.1.5 (i only have a 32-bit cpu) and i am not abe to create the XML file.Checking Hosts integrity. Looking for hosts with an invalid netmaskName: Gestor Mask: 0I dont see any netmask error at the PIX config. Is there a way to have more details of the erro...

gbarrios by Not applicable
  • 2223 Views
  • 1 replies
  • 0 Likes

Resolved! FTP Data connection broken, need help

ta, Im having a heck of a problem.One zone out to an ftp server is working frie but from another zone the conputers can connect but they cant get file listings of xfer data ata ll. Routing is fine, obviously, the rules they are hitting is ok, NAT and Sec.Both connections go through two VRs to get out to the ftp server. One zone hits two rules, t...

choff123 by L3 Networker
  • 17198 Views
  • 14 replies
  • 3 Likes

Dynamic Objects Error

I’m trying to test using dynamic objects on 5.0 however I’m not sure If I’m missing something?The document suggests the syntax to add a new entry do a dynamic address object is as follows:https://<IP>/api/?type=user-id&action=set&key=<KEY>=&file-name=<XMLFILE> Where IP is the IP address of the firewall under managem...

rds by L2 Linker
  • 3674 Views
  • 2 replies
  • 0 Likes

Resolved! Question about logging and Panorama

Is it possible to have both a Panorama server receiving logs from the gateways AND a syslog server receiving them at the same time? Any examples?I also believe I heard that there is potential to have the feature in an upcoming rev of Panorama forwarding logs to other destinations, like another Panorama or Syslog server. Still in the works?

Resolved! migration tool

using the latest version of the fw migration tool, can anyone share how to delete the database files?Doing an ASA to PAN migration when creating the XML file, the migration tool does configuration check, looks for host with invalid masks.Tool found a number of hosts with a mask: /0 This is an error as it clearly shows the host with a /3...

msamoska by L1 Bithead
  • 5346 Views
  • 5 replies
  • 0 Likes

Chromebook VPN

I have the need to establish VPN connections from Chromebooks. My initial research is not real promising, So far I have determined:1) There is no GP Client for the Chromebook.2) The Chromebook only supports:L2TP over IPsec with PSKL2TP over IPsec with certificate-based authenticationOpenVPNGo figure even my lowly Android phone supports XAuth/...

tjcarter by L1 Bithead
  • 3372 Views
  • 1 replies
  • 0 Likes

Assign static IP through LDAP for GlobalProtect Client

Hello,For Cisco ASA, I can configure fixed IP address for SSL VPN user by using LDAP attribute "msRADIUSFrameIPAddress IETF-Radius-Framed-IP-Address ".(SSL VPN is authenticated by AD window 2008).Now, I'm using PAN and I don't know how to configure assigning static IP address for GloblaProtect client.Please let me know, Does PAN support this?Tha...

ThongPD by L1 Bithead
  • 6273 Views
  • 8 replies
  • 0 Likes

Setup Alert for Traffic to Specific IPs

We are trying to figure out if there is a way to have the firewall create an alert in the logs when traffic hits a specific IP range. We don't want to block access to this range of IP addresses but we want to be able to confirm if users are conversing with IPs in a specific range. Any thoughts on this would be appreciated?Thanks in advance!

Resolved! PA Web-UI Strange~

Hello~ everyoneHave the used Windows 7 Enterprise?as far as We know that IE has installed Windows basicallyThe Windows version is 7 Enterprise x64IE is 8.0We know that When PA set something we have to click object, device, policy etc,,,so,, Object Tab select and than we can look left there are many menus when some of the menu something click in ...

Possible Bug in Global Protect

I am wondering if anyone else is having this issue. We are using on-demand mode. When setting up a new laptop we install the 1.2.5 agent. At this point our helpdesk tech is logged in and the VPN connects correctly as it is our process to test it. From here he disconnects and reboots the workstation. I then log into the machine with the user...

nthen by L3 Networker
  • 5562 Views
  • 8 replies
  • 0 Likes

PAN Agent to FW connectivity

Guys,we have a PAN agent User-ID version 5 running on the network, all is working fine, but just thaton the PAN agent User ID, I see only one device PA-FW as connected.The active one, and the standby does not show up.Is this the right observation, or should I see both the PA-FW's on the PAN Agent.Active and standby.Please advise.Regards,Tau_

rz185016 by Not applicable
  • 2526 Views
  • 3 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks