This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4257 Views
  • 0 replies
  • 0 Likes

Resolved! Traffic logged in an interface in down state

This is our scenario:- A PA-200 with a subinterface tagged with VLAN ID 200.- Connected to a Cisco Catalyst switch (trunk with VLAN ID 200 allowed).- It has been working without problems.Now, we want to divert traffic to a Cisco router with same IP address as PA-200.We put Catalyst interface in shutdown state (where PA-200 is connected) at 10.52...

Panorama Generating Blank Reports

Hey everyone. Has anyone see an issue where Panorama (VM) is generating blank scheduled reports? I came into the office this morning, and found that Panorama generated its normal scheduled reports, but they are all blank with no data. Its not just one day, its 3 days worth of reports that have blank data.I checked the device logs and cannot f...

jholmes by L1 Bithead
  • 6977 Views
  • 3 replies
  • 0 Likes

Local user authentication

Hi all,What does it mean if I create a rule that allows http/https services only for authenticated users from local user database between 2 zones? Will the users have to authenticate to the firewall first? How? Thanks!Peter

AD groups will not show up in PA

I have a new AD group that I made that I want to use in a PA rule. Its been 24 hours and it has not shown up.Firmware: 4.1.7We use Radius.Maybe i should reboot the radius servers ...thanks

choff123 by L3 Networker
  • 4093 Views
  • 3 replies
  • 1 Likes

Allow Ping to Layer3 Sub-Interfaces by default

Hi,I have Palo acting as Layer3 gateway and I would like to always allow clients within the VLAN to Ping their default gateway (i.e. Layer3 Sub-Interfaces on Palo firewall) by default (running in Active/Passive mode). In my case multiple Layer3 Sub-Interfaces are sharing same Zone hence allowing blanket rule to permit ping within Zone may be har...

DCN by Not applicable
  • 3961 Views
  • 3 replies
  • 0 Likes

Resolved! PaloAlto firewall platform upgrade?

Hi,I'm a customer with two PaloAlto firewalls PA-2020 with active / passive config. We have a 100 Mbps simetrical Internet speed bandwith connectedto the PaloAlto firewalls and all is working fine.Our ISP provider is going to upgrade our Internet speed to 1 Gbps and replacing the Cisco 2951 router to a higher Catalyst one. My question is if we ...

Resolved! Top Source Countries (Foreign) Custom Report

While attempting to create a report that only showed the "TOP Source Countries (Foreign)" I found that it also shows connections from the US... Is there a way to exclude the United States from the report?

bgharris by L0 Member
  • 4252 Views
  • 3 replies
  • 0 Likes

Resolved! Management inteface send packet port 137 to broadcast public IP

Hi all,I monitor traffic on management interface of 3020, I have seen so many packet from management IP to an broadcast IP Aug 23 14:49:24 192.168.1.15:35889 203.77.255.255:137 UDPAug 23 14:49:24 192.168.1.15:52601 203.77.255.255:137 UDPI try to stop all service on management interface but it is not affect.Please help me to stop th...

Resolved! Traffic report

HiI have few reports that I get every day/week on my email. But I'm looking for traffic report per ingress/egress interface- something like is posssible to generate by hands from Monitor>Reports>Traffic report>Ingress Interface but scheduled and sended on email.I tryed to create custom report and load "Ingress interface" as a template -...

_slv_ by L4 Transporter
  • 3356 Views
  • 2 replies
  • 0 Likes

Resolved! Audio Issues with Asterisk via PA-2050

I am currently attempting to cut over our office's internal gateway from a BSD firewall to our PA-2050 (running PAN-OS 4.1.9). When attempting the cutover, I can get all services to work properly with the exception of our two VoIP servers (running Trixbox, which is Asterisk-based). I can get the servers to make a call, but once connected there...

Isosat by L2 Linker
  • 16341 Views
  • 20 replies
  • 2 Likes

Resolved! Captive Portal -- LDAP Authentication Question

Thank you for your time. I have a lab setup with a PA-500 and a Windows 2008 server with Active Directory. I have a single user in the trust zone on the Palo and I am trying to get Captive portal working for User-ID mappings of unknown users. I have my LDAP server profile and I have my user/group mappings working just fine with that, however, wh...

Resolved! Logg file for CRL update

Hi,Does anybody know in which log file I can see that the CRL revoke list is updated?And also if its possible to see that a client is rejected because of revoked certificate not just client cert invalid?/kristian

kristian by L3 Networker
  • 4659 Views
  • 2 replies
  • 0 Likes

Gotoassist coming up as Unknown-TCP

Hi There,We have a user that is trying to use Gotoassist support with one of our supplier companies. I have created a specific rule that allows for Citrix, web-browsing to the specific websites it needs and gotoassist application itself. However, when it gets to the last step in the connection proccess where it comes up and says "Connecte to GoT...

JRussell by L3 Networker
  • 5468 Views
  • 5 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks