This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama and Threat Map

Hello togheter,few days ago we started to forwarding our logs from our PAs (located world wide) to Panorama.I really like the Threat Map under the App Scope Monitor tab.Do you know, if its possible to configuried it so, to have an overview of all PAs ww? Because actually i see the Panorama device only....THX

Hithead by L4 Transporter
  • 4040 Views
  • 4 replies
  • 0 Likes

Panorama Templates

What is the benefit of Panorama templates?It seems like when creating a template and pushing it out to a device, it doesn't warn you when you are overwriting device configuration. For example, I have a layer 3 interface 1/10 and my template has interface 1/10 for tap. When pushing the template out, it overwrites the layer 3 interface without a w...

das by Not applicable
  • 3923 Views
  • 3 replies
  • 1 Likes

Resolved! using vpnc with Palo Alto 4.1 IPSEC/Xauth

It seems like the freely and widely available vpnc client should work just fine with the palo alto ipsec/xauth setup, however I must be missing something. I have it working with IPAD with the shared secret + XAUTH with group/password, but with vpnc on linux I get this in the system log:IKE phase-1 negotiation is failed. Couldn't find configurati...

Resolved! Panorama. howto retrive old logs ?

Hi,I have panoram installed and configured. I have my PA FW that is now sending traffic logs and system logs, and threat logs to the Panorama.1. How can I configure PA FW to send URL logs to the Panorama ?? as I do not see any url logs in the panoram from the PA FW ?2. Panoram is now reading the current logs, how can I export the existing 1 mont...

ta185020 by Not applicable
  • 15656 Views
  • 8 replies
  • 0 Likes

Discover what is initiating a site-to-site VPN?

Hi folks.I have a situation with site-to-site VPN's on my Palo Alto's which I could use some help diagnosing.I have a number of remote teleworkers who have a company-provided Cisco 887 router, which is used to run a site-to-site, IPSEC VPN to link into our internal network.This works fine in 99% of cases, but there's always one with an issue.One...

darren_g by L4 Transporter
  • 10773 Views
  • 3 replies
  • 0 Likes

Resolved! QoS

Hi.Iam Raju.. Iam a beginner to palo alto networks...I have a small issue working with QoS... Can someone please help me...I have attached the configuration of my Device..Please have a look at it... the issue is device is not showing the QoS Statistics...ThanksRaju

Resolved! What is the reason for packet capture?

Hello all,We recently flattened our lab firewall and configured it as a tap firewall. It currently has only one security policy which is an allow all policy. The firewall currently has one zone and the only other non-standard default config is a handful of custom applications and application overrides.What I did was set a filter in the traffic l...

Blocking Postal-Receipt.exe

Hello.We have been having challenges blocking the downloading of Postal-Receipt.exe and Postal-Receipt.zip being pulled down from web-based email. The emails convince the user to click on a link similar to http://goodguy.com/wp-content/plugins/akismet/mirror.php?receipt=798_1534586700 causing the encapsulated exe to come down. The bad guys are...

HITSSEC by L4 Transporter
  • 2869 Views
  • 2 replies
  • 0 Likes

Resolved! Why is Group Mapping Different in M-100?

Hi,I'm about to deploy two PA-5060s in HA, and I am configuring everything from Panorama. When it comes to the Group Mapping on Panorama, the UI is different than it is on the firewalls.On Panorama:On the firewall:Any input is appreciated.Thanks,Alex

Abs by L3 Networker
  • 4518 Views
  • 5 replies
  • 1 Likes

Resolved! TCP Flood ID: 8501

On our user TAP interface (a TAP that collects user trafic only), we see 1000's of TCP flood events from 0.0.0.0 to 0.0.0.0 ; port 0 to port 0; Zone user to Zone user. It is always Session ID of 0. I have tried to do packet captures, but I never seem to get anything. It also doesn't show in session browser (probably because the session is 0!) An...

craymond by L4 Transporter
  • 16708 Views
  • 4 replies
  • 0 Likes

Multiple external IP's and Global protect (Not NAT)

HiI did a search on the forums for multiple IP's and found a lot of posts talking about how the Palo deals with multiple external IP's - i.e. if your ISP assigns you a /29 block and you need to NAT multiple application into your network. So basically you pick one IP, load that on the Palo interface and then just do NAT. Palo will ARP for any add...

Quinton by L3 Networker
  • 12775 Views
  • 7 replies
  • 0 Likes

Resolved! Public IP not accessible from internal addresses.

Hey All; When setting up GP and other external interfaces for access I found that any NAT inbound is not accessible when in the local network as well, only from outside. Can anyone explain if there is a NAT or GP gateway setting that will take internal users to the outside IP without failing. It is much easier to test setting up the firewalls...

amansour by L4 Transporter
  • 4172 Views
  • 3 replies
  • 0 Likes

Resolved! Set VM-100 as gateway on host.

So I am wondering if there is any way to use the VMWare workstation (I know the VM-100 is for ESXi) as the gateway on your host and if anyone has had success with just monitoring EAST-WEST traffic from the VM-100 on ESXi?

amansour by L4 Transporter
  • 2285 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks