This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4115 Views
  • 0 replies
  • 0 Likes

Resolved! Logging IM

Greetings PA community. I have a question about leveraging our PA firewalls (pair of 5020's) to log instant messaging. We're a government agency and some of our employees use instant messaging for business purposes and we MUST log these chats as part of our public records policy. Everything they do with other government agencies over this cha...

josh_ward by Not applicable
  • 2741 Views
  • 1 replies
  • 0 Likes

High Availability with Virtual Wires?

Hi, I've been looking everywhere and I can only find information on virtual wires being used for path-monitoring in HA. What I'm looking for is if when in HA, do the virtual wires fail over? If they do fail over is there a best practices document detailing how and what type of interfaces fail over? Fail over of a L3 interface makes sense since t...

nugentec by L1 Bithead
  • 17559 Views
  • 9 replies
  • 0 Likes

HA path monitoring in virtual wire

I've seen a couple answers here about using Path Monitoring in Virtual Wire. They say that one must use an IP address within the Virtual Wire subnet as the source address. OK, I get that. What I don't get is how to configure such an address. I don't see a way to add an address to a vwire interface. I've tried creating a loopback with no good res...

gmparis by Not applicable
  • 18877 Views
  • 22 replies
  • 0 Likes

Resolved! licensing VPN clients

hi!I would need some help understanding the PAN licensing model fo VPN clients. we are planning a new deployment and would like to offer our clients (Windows and iOS based) the possibility to access corporate resources. since only a very basic functionality is needed in this case (the ability to establish a SSL/IPSec session and assign a remote ...

santonic by L6 Presenter
  • 5057 Views
  • 4 replies
  • 0 Likes

Resolved! Do I configure proxy-id in ipsec-vpn certainly?

Hello all,What is proxy-id in ipsec-vpn configuration??Why does it need??I will use ipsec-vpn on PA-2020 & PA-500.Each devices have 15 proxy-id(remote-networks).I know one tunnel interface has 10 proxy-ids.So I have tested without proxy-id that traffics are processed routing-table(next-hop tunnel interface) to 15 remote-networks.It is normal...

PA 5050 Admin Account Rename/Deletion

Hi AllI am using one PA 5050 firewall and all is working fine. Just want to know if I can rename or delete the Admin (Default) account in the box. This account is default account and is there any limitation if we delete it or rename it. If I delete it , is there anything which I will loose as far as the Administration of the box is concerned.Pl...

itsecll by L1 Bithead
  • 3728 Views
  • 2 replies
  • 1 Likes

Resolved! What did I miss? Cross-zone/vpn traffic

New PA200 installed and working on getting it setup. Aside from a 2wk demo, I have little experience with PAN.I've got a Site-To-Site VPN configured to an ASA5505 at another of our offices.I have one zone setup for a Wifi network. (Called Wifi) IP space behind that zone is 172.168.1.0/24. Interface 1/3 is configured with the IP 172.168.1.1 PAN i...

Nathan.S by L3 Networker
  • 11532 Views
  • 18 replies
  • 0 Likes

HA-system separated with two datacenters

Man have two datacenters and there are about 15-20km between them. The datacenters are connected by dark fiber with 1Gb bandwidth, is it possible to make HA-system to this setup? I mean so, that one of the PA-unit is in the primary datacenter and another is in the secondary.--Janne

GP and Multiple Gateways

I get from the documentation that GP client can automatically detect the best GP Gateway to connect to via response times.Does anyone know the exact process the GP client uses to connect to a deployment with multiple gateways.In this case we have on GP Portal and Gateway on the same FW on the east coast, and have a second Gateway on the West coa...

msamoska by L1 Bithead
  • 4578 Views
  • 3 replies
  • 0 Likes

Resolved! NAt problem with paloalto

Hi,i have 3 zone trust untrust and dmzdmz:91.239.204.0/24trust:10.0.0.0/8untrust: anything when i try to nat from untrust to trust 91.239.204.22--->10.1.1.34 packet goes to dmz interface...i think problem is nat before routing or routing before nat because dmz and nated interface same subnet group...How can i resolve this problem.?

lildeniz by L3 Networker
  • 3488 Views
  • 2 replies
  • 0 Likes

Resolved! Looking for GPClient for Android

Palo Alto Networks Announces GlobalProtect For Android™ Mobile OSAccording to above press release, it is available now, though I can't find it.It says "GlobalProtect for Android is currently available for download from Google Play™. ".Could somebody tell me direct link for it?Regards,Emr

emr_1 by L5 Sessionator
  • 4682 Views
  • 6 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks