This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Clearing snmpd.log due to log overflow

I recently upgraded to PAN 5.0.1. I am now receiving the following alert - Clearing snmpd.log due to log overflow. I have been trying to get more information on this alert but have been unsuccessful. I am concerned with what the log overflow is referring to. Do I need to tweak my default configuration for log retention in the 5.X code. Is th...

Resolved! MAC address spoofing

Does someone know if it is possible to spoof/change the mac-addresses from a VM PAN 100? Our ESXI Vendor won't enable Promiscuous Mode, so we don't have data through our Ethernet ports. I guess maybe, when I can spoof the MAC address, it might be working.

VSA by L0 Member
  • 3010 Views
  • 1 replies
  • 0 Likes

UDP Packet size

Does anyone know if the maximum permitted UDP packet size follow the MTU setting? or is there a specific setting for this?I need to understand if the PA automatically allows UDP packet sizes over 512 bytesThanksRod

djrodb by L3 Networker
  • 10537 Views
  • 5 replies
  • 0 Likes

Resolved! GlobalProtect portal corrupt.

Running an 2050 Active Passive HA pair.Yesterday I noticed that I couldn't login with the Globalprotect client. After some investigation I noticed that I could log in on the Globalprotect Portal web page, but after the login the page which offers the client downloads would not show up and the connection was reset after a timeout of ~30 seconds.I...

OSPF

Hi,Can anyone please help me with ospf issue iam facing.I have attached the OSPF config of Palo Alto and downstream SRX 100 devices.Iam unable to get the OSPF routes in Palo alto device. ThanksRaju

Resolved! How to generate a CSR from a Self Generated Palo Certificate

Hi There,I am struggling to generate the CSR for a self generated certificate on a Palo firewall (this is the first time I am doing it). I did look into all the documents in the knowledge base and they seemed to be very confusing. I have generated two certificates (one for captive portal and the second for SSL-VPN) using the Palo's Generate op...

Resolved! ICMP Source-Quench?

Hi,In Cisco ACLs, they have the option of adding rules like "access-list OUTSIDE extended permit icmp any any source-quench". Does Palo Alto have a way of distinquishing ICMP message types? I've tried looking in the application library, and ICMP shows up as an App (just like ping does) not nothing about Source-Quench, Time-Exceeded, Unreachable,...

Abs by L3 Networker
  • 2612 Views
  • 1 replies
  • 0 Likes

Resolved! Panorama and Threat Map

Hello togheter,few days ago we started to forwarding our logs from our PAs (located world wide) to Panorama.I really like the Threat Map under the App Scope Monitor tab.Do you know, if its possible to configuried it so, to have an overview of all PAs ww? Because actually i see the Panorama device only....THX

Hithead by L4 Transporter
  • 4129 Views
  • 4 replies
  • 0 Likes

Panorama Templates

What is the benefit of Panorama templates?It seems like when creating a template and pushing it out to a device, it doesn't warn you when you are overwriting device configuration. For example, I have a layer 3 interface 1/10 and my template has interface 1/10 for tap. When pushing the template out, it overwrites the layer 3 interface without a w...

das by Not applicable
  • 3989 Views
  • 3 replies
  • 1 Likes

Resolved! using vpnc with Palo Alto 4.1 IPSEC/Xauth

It seems like the freely and widely available vpnc client should work just fine with the palo alto ipsec/xauth setup, however I must be missing something. I have it working with IPAD with the shared secret + XAUTH with group/password, but with vpnc on linux I get this in the system log:IKE phase-1 negotiation is failed. Couldn't find configurati...

Resolved! Panorama. howto retrive old logs ?

Hi,I have panoram installed and configured. I have my PA FW that is now sending traffic logs and system logs, and threat logs to the Panorama.1. How can I configure PA FW to send URL logs to the Panorama ?? as I do not see any url logs in the panoram from the PA FW ?2. Panoram is now reading the current logs, how can I export the existing 1 mont...

ta185020 by Not applicable
  • 15859 Views
  • 8 replies
  • 0 Likes

Discover what is initiating a site-to-site VPN?

Hi folks.I have a situation with site-to-site VPN's on my Palo Alto's which I could use some help diagnosing.I have a number of remote teleworkers who have a company-provided Cisco 887 router, which is used to run a site-to-site, IPSEC VPN to link into our internal network.This works fine in 99% of cases, but there's always one with an issue.One...

darren_g by L4 Transporter
  • 10821 Views
  • 3 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks