General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 198 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 880 Views
  • 0 replies
  • 0 Likes

DH group 15 not supported in phase 1 with IKE v1?

I need to migrate an old firewall to a PA-440 and came across an ancient IPsec where they have used DH group 15 for both phase 1 and 2. According to the docs for PanOS 10.2 DH 15 is now supported but the 440 whines about DH15 in phase 1 as I use IKE

...

Resolved! License renewal

Please confirm if the expired PaloAlto licenses can be renewed?

If “YES”, Please confirm which of the expired PaloAlto licenses can be renewed?

not able to open support case

Hi,

 

When I try to open support case error message coming up saying "Problem Category is missing".

 

Although I select the product as PAN-OS while creating the case.

 

BR,

Alaa

aasaggaf by L0 Member
  • 580 Views
  • 1 replies
  • 0 Likes

Best upgrade practice with HA Pair ?

We are preparing to update this weekend to 10.2.7 to resolve the expiring root certificate issue. We have an HA pair that we want to failover while upgrading as to not disrupt service. While I have the upgrade path from the Palo documentation what I

...

Walt by L1 Bithead
  • 2692 Views
  • 1 replies
  • 0 Likes

Setting Up Double NAT over a site-to-site VPN

Hi,

 

I've been trying to read up on if it is possible to set up what Cisco would call "Twice NAT" on Palo Alto, and while there seems to be a lot out there for really odd fringe cases, I'm struggling to find anything on what I think would be a reall

...

BGP failover not working as expected

Hi

 

Our PA 220 is running 2 eBGP's  with 2 CE (WAN) routers.

Those 2 CE routers will run eBGP with respective ISP's. 

 

We control the routing through Local preference. 

 

Routes learned via primary CE 1 has LP of 500

Routes learned via secondary CE

...

Paloalto can't block hotspot shield.

 

Dear all,

 

I am currently facing paloalto can't block and see hotspot shield app.

Our organization do not want to use ssl decryption to block hotspot shield.

 

Any other solutions to block hotsport shield without decryption ???

 

 

Thanks.

 

 

zm.tun by L1 Bithead
  • 8766 Views
  • 8 replies
  • 0 Likes

Panorama Upgrade

Hi Team,

I am setting up a new Panorama. Where not even created the Device Groups and Templates yet. I need to upgrade the Panorama but i am not able to do that. I am able to reach internet but unable to fetch the softwares, is there anything that ne

...

Resolved! LACP MAC Movement and Doubts

Dear Folks, 

 

First time I'm deploying PAs with LACP active/passive for HA solutions. I have some doubts couldn't get enough information from Internet source. 

 

1.  In the event, if one firewall goes down, PC on SW1 goes down, how this mac and arp

...

Ramakrishnan_3-1702285551757.png

auto commit issues after upgrade to 10.x

Hi,

 

We started to experience auto commit finishing delay on our PA-5220 after the upgrade to 10.x.  We have a pair of HA PA-5220 in active/passive mode, we never had an auto commit issue before in previous updates, reboots of the firewalls. We have

...

RREALICA by L2 Linker
  • 17860 Views
  • 14 replies
  • 7 Likes

Upgrade of 5260

Dear Team,

I have upgraded PA-5260 from 10.0.12 to 10.1.9-h3 and faced weird, issues after the upgrade the customers monitoring system has generated some errors like this >> "device 'slot-1 data processor' status is 'down' "" we have checked and slot1

...

  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels