General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Fast boot PA-450

I have a firewall that for some reason after doing a version update to 11.1 is only taking 2 to 3 min to boot now. I noticed all the logs were not showing up and the interfaces was showing down, but everything was working. I decided to do a factory reset and only do the update to 11.0.2-h2. The reboot time went to 5 min and now the I can not cha...

dwythe by L0 Member
  • 1846 Views
  • 2 replies
  • 0 Likes

Resolved! Config Migration from Forcepoint

My project is to migrate 2 pairs of Forcepoint firewall to PA-440. I have a Forcepoint config in XML. I It is like to like migration without any changes. How do I move forward with it ?

Resolved! Submit IP to known malicious IP or High Risk IP

Can an IP be submitted to Palo Alto to be included in the high-risk or known-malicious IP address lists? We have an IP that has been discovered to be a major DDOS attack BOT coordination point but it's not listed in PAN's threat vault and is not being blocked by our IP list block rules. Talos and other sites lists this as a high risk IP but I'm ...

panorama commit shows 0% but commit is on the device already

I have a really funny issue here. I have panorama for managing all my firewalls, spread across the world. I did a change for our London firewalls and hit "push and commit" on panorama. The queue shows 0% progress, I waited half an hour, restarted panorama, did the same commit, still 0% progress. Then I've checked on the firewalls and both commit...

max.loi by L1 Bithead
  • 6446 Views
  • 5 replies
  • 0 Likes

Interface down due to internet down

Hi, my PA220 interfaces were down due to internet connection is down. As the internet connection was up, the interfaces also showing UP. Why is this happening. is there any settings for this to check.

Resolved! HA4 firewalls

Hi, is there any reference which firewalls do have the HA4 option? Can´t find any information about. Thanks in advance!

Resolved! B2B VPN IKEv2 Fail with Amazon Private Cloud Peer

Setting up a VPN with a vendor. It came up the first time and test data was passed. It was a couple of weeks after testing before the tunnel would actually be used. When that time came we could not get the tunnel up. IKEv2 fails. I know nothing changed on my end and the vendor makes the same claim. The vendor is using Amazon virtual private clou...

pnelson by L2 Linker
  • 3989 Views
  • 2 replies
  • 0 Likes

Scheduled Log Export -user keeps defaulting to admin

OS - 11.1.2-h3 Setting up the scheduled log export for traffic via scp - initial connection test OK. So I know ports are open etc... We enter the username of the user for the SCP server that is going to be used and the password. As soon as you click OK the username defaults back to admin. So the SCP transfer fails. Any idea on how to fix t...

P.Burret by L0 Member
  • 1132 Views
  • 1 replies
  • 0 Likes

Eve-NG Palo Alto VM ARP Issue

Does anybody encounter arp problems in eve-ng on palo firewall with pan-os 11 version ? As an example, i have a small topology like clientA->routerA-> firewall<-routerB<-clientB , when i try to ping from clientA to clientB, clientA send ARP Request for clientB however firewall does not reply ARP Reqest... (it is not a policy,routing...

Failed to initiate Plugin Phase1 commit

Anyone seen this before? "Failed to initiate Plugin Phase1 commit" Process logrcvr stopped (pid: -1) - Exit Signal: SIGSEGV "debug software restart process log-receiver" did not fix it nor did a reboot.

PBF with Egress loopback interface

I may be going about this wrong, but here's what I'm trying to accomplish, and this is the way I thought I could accomplish it. I need to route all traffic from a specific zone/subnet to a routing instance, and load balance egress, with the exception of RFC1918 destinations. My thought was to create a PBF rule to forward traffic to a loopback i...

Screen Shot 2022-03-16 at 11.38.38 AM.png

CVE-2024-3400 IOC's

Hello All, Its a twitter link but will try and summarize the process. https://twitter.com/cyb3rops/status/1781294529586331650 Credit to: Florian Roth @cyb3rops We decided to share our #YARA rules to scan for indicators of the exploitation of CVE-2024-3400 in #PaloAlto's PAN-OS with the community and included some of the generic rules ...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels