General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! Does Config Lock disable the "OK" button on changes?

I thought a Config Lock is supposed to disable the "OK" button when making configuration changes. Could someone please confirm that's the case?

CLI "target" command

Can someone please explain what the CLI "target" command actually does? It says that its for a "management session target". What does that actually mean?

I am trying to create a static destination NAT to enable RDP access on port 3389 for one of my internal servers, but no matter what I try, it just doesn't seem to work. I've read through several KB articles as well as https://live.paloaltonetworks.c

...

HSRP:- Ideas / suggestions thoughts on how to achieve this using Palo Altos in Active/Passive.

Greetings Evereyone,

I need some ideas / suggestions / thoughts on:

For reference, I just attached a hand drawn network diagram.

Just to provide a brief description, I have a network scenario that presently uses HSRP to maintain Active/Passive configura

...

ARP load sharing

We are planning to set up HA in Active Active mode. The boxes sit in separate locations with Layer 2 network between them. Currently our guest Network site on our second PA-2020 with our LAN on the first. Wer had to put the guest Network on second

...

Resolved! Ldap Proxy

Hi,

in what situations should we use user-id agent as Ldap Proxy ? And when we select this function, how agent behaves?

Resolved! Exclude config snippet from HA sync?

Hi,

I've deployed two standalone firewalls...i.e., non-HA. And have been using the interface comment field to document the switch port that interface is connected to. I'm now building an active/passive cluster and noticed that when I sync the config

...

Empty Reports, What a I missing?

I am new to the PaloAlto world, and admittedly somewhat overwhelmed at the moment. I am working with the reporting features and not getting even close to the results I expect. Particularly when I run a "User Activity Report", I get a 5 page PDF and a

...

Process to change to HA from cold spare

The HA documentation states that one should start with a 'clean slate' when implementing HA. I currently have one PA-500 in production on 4.1.4 and another PA-500 as a cold spare. The production PA-500 has 2 unused traffic ports that can be used for

...

top bandwidth usage

is there a way to fined the top bandwidth usage in PA 4.1.x in the exact moment that i need , because usually i have to wait for 15 minutes to get it from the ACC.bandwidth

How to disable url update failure message

Hi All,

We don't buy URL License on our PA-2020 with PANOS 4.1.8, but we receive many url update failure message on PA-2020. Is there any way disabling url update?

Thanks.

Joy,

failed admin login attempt NOT recorded in system log

During a routine test, we found out if failed attempt login with the admin name as root via ssh or console will not record to system log, but failedd attempt login with other name via ssh or console will record to system log.

Question regarding unknown application behaviour

Lets say you configure a rule with:

Application = Any

Service = Custom Service (TCP port 12345)

Now when the AppID engine cannot match anything I guess it classifies the traffic as "unknown-tcp".

Will the traffic be allowed (because unknown-tcp is part o

...

Resolved! MDT and GP client

What's everyone using to deploy GP client? We're finding that because the GP client is not populated with any information(when downloading it from our PA firewall) it's causing problems with the MDT process. The MDT process stops as the GP client pop

...

Resolved! How to Fix - Error in getting locked users?

I have users locked out and yet when I go to Device > Authentication Profile is how this error in the Locked Users column "Error in getting locked users". What is cause and how do I fix it?

This has now come up fairly often.

System PA-2020 with 4.0.4

...

Discussions

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

Resolved! Does Config Lock disable the "OK" button on changes?

CLI "target" command

Resolved! MS-RDP NAT Issue

HSRP:- Ideas / suggestions thoughts on how to achieve this using Palo Altos in Active/Passive.

ARP load sharing

Resolved! Ldap Proxy

Resolved! Exclude config snippet from HA sync?

Empty Reports, What a I missing?

Process to change to HA from cold spare

top bandwidth usage

How to disable url update failure message

failed admin login attempt NOT recorded in system log

Question regarding unknown application behaviour

Resolved! MDT and GP client

Resolved! How to Fix - Error in getting locked users?

Quick upgrade query

Push Scope isn't showing and Commit button grayed out after upgrade Panorama

PA Active/Passive and Cisco stacking LACP

Single pass parallel processing

Does anyone know the API XPATH to load partial for static routes?

SYSTEM ALERT : medium : MLAV: Unknown error

Re: ACC shows ipv6 addresses in source/destination IP

Re: Quick upgrade query

Re: Certificates not showing under Devices Certificates or CLI

Re: Telemetry decided to stop sending

Unlock your full community experience!

Resolved! Does Config Lock disable the "OK" button on changes?

Resolved! MS-RDP NAT Issue

Resolved! Ldap Proxy

Resolved! Exclude config snippet from HA sync?

Resolved! MDT and GP client

Resolved! How to Fix - Error in getting locked users?