This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Beginner questions

Hi i am a beginner in paloalto networks.Can some one please help me to know the below doubts.Cli "telnet command" option is not seen in 5.0.0 versionHow can we take config backup automatically scheduledAdmin accounts are synchronized in HA active - passivePipe Command is not seen visible in 5.0Thanks

IPsec Site to Site Tunnel Crypto

All,First, please forgive me if this has been asked before, I wasn't able to find anything conclusive with any good explanation.Recently I renewed a couple of web server certificates and in doing so the CA recommended that I use SHA2 with a 256-bit message digest as SHA1 was known to have been cracked and was weak. This lead to some further digg...

cmateam by L3 Networker
  • 5920 Views
  • 3 replies
  • 0 Likes

Resolved! Receiving "Internal error" on commit

Running 4.1.6 on 5050's with a Active/Passive HA.I activated the PAN-DB filtering on my Active firewall and then rebooted it, it failed over to the passive firewall just like it should. However, when my firewall came back up it came up as having HA not enabled, the autocommit is failing, and if I try to force a commit I get this error:· Error: ...

Brinkman by Not applicable
  • 10372 Views
  • 3 replies
  • 0 Likes

multiple VLANs on one security zone - possible?

HiI need your help with one (probably simple for You problem).I have PA200 but I have only one "free" security zone and one phisical interfece free.I need to create 4 local networks (as a subinterfaces/VLAN) that every one has their own adresses, dhcp server, NAT policy to their own IP.Intervlan traffic shouldn't be allowed.Is it possible? Until...

_slv_ by L4 Transporter
  • 10834 Views
  • 19 replies
  • 0 Likes

Resolved! autocommit fail

Hi,upgrading from 4.1.13 to 5.0.0 using upload option;device boots and at %10 for autocommit it fails and again and again trying to autocommit and fails at %10any idea ?

Resolved! log export

Hi,When exporting logs from Monitor / Traffic tab to excel file is there a way not to export all columns(fields) ?

Resolved! dhcp server stops

Hi,Panos ver 4.1.13 Dhcp server on layer3 interface suddenly stops.Restarting device fixes that.error comes as Failure: dhcp server is not enabled on interface 'ethernet1/3'.Anyone see that error ? Any idea ?

Resolved! Global Protect password expire

Hi,When clients connect to Global Protect they got a warning password will expire and it says 1 day.I looked to LDAP profile it is as default 7What could this warning be ? How can we disable this ?We also checked Active Directory for password expire but it is not 1 day.

Resolved! Guest Network Setup

Hi - What is the best method to setup a guest L3 network in PanOS?UntrustA = CorporateUntrustB= Guest InternetwDMZ = Wireless DMZ for Guest Internettrust = CorporateRequirements =1. wDMZ needs to get to a few specific IP's on UntrustA.2. wDMZ needs to get to the Internet via UntrustB.Initially I was thinking of a second vRouter? OR is policy bas...

PA-500 and Jumbo Frames

Background: I've been doing some testing with a pair of A/A PA-500's and decided to enable jumbo frames on a file server. I understand that the PA-500 does not support jumbo frames but when I begin a file transfer, it works, running at about 5,017 Kbps. After a little while the frame size reaches 4464-bytes and my speed increases to 392,644 Kbps...

GtY007 by L0 Member
  • 4190 Views
  • 3 replies
  • 0 Likes

Qualys Scan alert on OpenSSH J-Pake

We run Qualys scans on the internal network, and it's picking up that the PA's are running OpenSSH ver 5.2. I receive the following warning:OpenSSH, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol. This allows remote attackers to bypass the need for knowledge of the shared secret, and successfully ...

dru by L0 Member
  • 5441 Views
  • 6 replies
  • 0 Likes

Having to reset the dataplane frequently

Hello,We've been having an issue in our environment where we need to reset the dataplane because randomly packets will traverse our rules and start getting denied. We aren't sure why this is happening or what's causing it. What I'd like to know is if anyone could shed some light on how we can go about troubleshooting.Let me know what info you ma...

grkchr by Not applicable
  • 5920 Views
  • 5 replies
  • 0 Likes

GlobalProtect client doesn't inform the user that the portal/gateway connection is timing out

In my testing of the GlobalProtect client (I'm using the latest stable, 1.2.1), I noticed that if for any reason the connection to the GP portal or gateway times out (e.g. the user's laptop isn't connected to the Internet, doesn't have the correct IP address, doesn't have the cable plugged in, etc etc) the client will never actually inform the u...

SSL based custom application also seen as SSL

Hi,I set up an SSL based custom application for a specific web application in the company.I followed this document : But when I look at the traffic logs, for every connection to this application I have :- 1 log that shows traffic as "ssl" application,- 1 log that shows traffic as my custom application.07/23 18:11:18 traffic start ssl ...

mattieub by L0 Member
  • 3025 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks