This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Captive Portal for more than one security zone

HiFew months ago I sucessfully configured CaptivePortal (in redirect mode) with SSL certyficate from StartSSL for one of my local network connected to PA200.Now I need to do the same for another local network, but on PAN I can only make one CP configuration, with one SSL cert.I have SSL cert for host cp1.mydomain.com. This dns entry pointing to ...

_slv_ by L4 Transporter
  • 7735 Views
  • 10 replies
  • 0 Likes

Resolved! Routing question - MPLS between two sites, with one of those connections being a failover ISP

Hello,I've got a scenario in which I'm not sure how to proceed.We have two sites, both sites just got new circuits.In Site A, we have two new circuits (ISP #1 and ISP #2). I've set up in my PA-500 Policy Based Forwarding to have ISP #1 as the primary internet connection, and if that drops, it will failover to ISP #2. We've tested this and it w...

uscit by Not applicable
  • 9971 Views
  • 9 replies
  • 0 Likes

Automatic switching between main and emergency link

Hi,We have two link between our PaloAlto (PA 2050) and a Fortinet. I'd like that when our main link get down, that data goes through the emergency link, i've found how to do it on the Fortinet but no way on the PaloAlto. All I can do is changing the weight for each address class between the two equipements.Does anyone got an idea?ThanksFrédéric...

DHCP, Captive Portal and strange behavior

HiIn every security zone where I have Captive Portal enabled PA working as a DHCP server for clients.Configuration of DHCP: (lease time is - 1day)On clinet ipconfig /all show:In system logs I have a lot of entries (this is from my test VM), other client also generates as my entries.The red arrows shows that I did ipconfig /release and ipconfig ...

_slv_ by L4 Transporter
  • 3746 Views
  • 3 replies
  • 0 Likes

Resolved! OSPF ERROR

Hello,I have configured ospf in ha with PA4060 in V4.1.11I can see my neighbor but my palo-alto with low priority stay DR and I can see the following error in log:PA-4060-1(active)> tail follow yes mp-log routed.log i/f idx 0 Hello packet dropped because source router ID matches local router ID.any Idea for my problemthx,ALex

alle by L3 Networker
  • 3482 Views
  • 1 replies
  • 0 Likes

Wildfire continue and forward

I made a wildfire fileblocking profile like shown in the how to set up wildfire video. But i find that i breaks certain opperations. Like downloading google chrome where you download a small installerthen the installer itself downloads the files needed, same thing with installing -net framework i seems.If i change the profile to alert it works f...

csteinsv by Not applicable
  • 2389 Views
  • 1 replies
  • 0 Likes

SNMP OID's

Folks.Can someone point me to a more recent listing of OID's than the ones from 2011 which I've been able to download?Or, even better, give me an indication of what the OID's are for the following on a PA2020 running 4.1?Active SessionsConcurrent SessionsSession Utilisation percentageChassis TemperatureSystem UptimeI'm trying to integrate some m...

darren_g by L4 Transporter
  • 13834 Views
  • 8 replies
  • 1 Likes

Unauthorized DHCP offers

Hi,We have a PA500 box running 4.1.11 software.I our school's dorms area students sometimes succeeds in connecting private routers' LAN side to the local LAN infrastructure, hence clients start getting sporadic DHCP lease offers from such routers which leads nowhere.How can I set up an alarm to trigger on detected DHCP lease offers from other de...

Resolved! Does Palo Alto issue security advisories for security related fixes in patches/updates?

I noticed that in the release notes for PANOS 5.0.4, there was a reasonably serious security issue pointed out:46728 - A Tech Support file generated on the firewall could be downloaded without the admin being prompted for user authentication. The issue is now fixed.To me this is kind of a big deal... being able to download the equivalent of a '...

Win7 VPN IPSEC Connection

Hi,i want to establish an ipsec vpn connection from win7 pro with the onboard vpn functions.How to configure my PAN 2020 and the win 7 pro client?I don't want to use the pan global protect client.Thank you for any tipps.regards axelip

axel5le by Not applicable
  • 3386 Views
  • 2 replies
  • 0 Likes

Resolved! Commit vs. Commit Force

Does anyone know what exactly the differences are between a commit and commit force? Does the commit force disregard error messages and commit an otherwise 'bad' config that could result in errors? Does it reorder the commit process? Does it cut off or restart a special process or server function to allow commit changes to take place?One thread ...

das by Not applicable
  • 13828 Views
  • 2 replies
  • 0 Likes

Routing between Virtual systems

Hi all,I have 4 virtual systems and have 2 requirements:1. That VSYSs must go to internet by difference lines (we have 4 WAN lines)2. That VSYSs can communicate with other VSYS.I assign 4 Virtual routers for that VSYSs and resolve the requirement 1But I cant do route between virtual systemsCan anyone help?Thanks.Binh.

binhnt by L0 Member
  • 4612 Views
  • 3 replies
  • 0 Likes

Resolved! Predefined admin account

Hi,Question about local administrative accounts and privileges:According to the manual the predefined "admin" account has full access.Does this means:1) another local administrator account will never be able to get has much prviliges has the predefined one?2) to maintain full access, the predefined "admin" must be used and thus, cannot be delete...

wimjuste by L1 Bithead
  • 3458 Views
  • 2 replies
  • 0 Likes

Planes

Is there a matrix or list of items that describes each of the plane functions? I know there is a management & data plane on the Palo but I'm not sure where to place the 'control' functions such as routing updates or switching path information and caching.For example, if you restart the mgmt plane, will this trigger HA failover? I am guessing...

das by Not applicable
  • 2809 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks