General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Upgrading 4.07 to 4.1.2 in HA environment

The following change log may be useful to all of you wondering how an upgrade goes in an HA active-passive pair. It would be nice if PAN support were to put this into a tech note. Each step is essentially a check or an observation from top to bottom. 2050 Firewall Upgrade 4.07 to 4.1.2 Log: Pre download of PAN-OS 4.1.0 and 4.1.2 to both units No co...

gmoerschel by Not applicable
  • 12370 Views
  • 16 replies
  • 0 Likes

Resolved! HA recovery advice after upgrading Active first

Being a newb and never having updated my Active/Passive HA pair, I took the 4.1.10 release notes at face value. There is no mention of special provisions for HA upgrades so I clicked "install" and now have a 4.1.10 Active member and a mismatched 4.1.7 passive member. Having now read the full product documentation I understand the "proper" way to...

MCmgt by L2 Linker
  • 3905 Views
  • 2 replies
  • 0 Likes

Reports - I can't see source IP complete.

Hi, I have a PAN-2050 (Software version 4.1.5) and I have configured a predefined report with different tops (top 5 connections, top 5 destinations, top 5 applications). The problem is that when I download and see the PDF with the report I can't see the entire IP in the Top 5 connections and I don't know where I can make the field bigger where th...

Agentless User-ID not processing ignore-user list

I've been working on trying to configure all the firewalls with the Agentless User-ID setup but despite several attempts to enable it I cannot get it to ignore users. I establish a session and enter config mode and type in the command set user-id-collector ignore-user [ domain\serviceaccount ] then commit the changes and despite doing so I still ...

jfarm by L1 Bithead
  • 6116 Views
  • 6 replies
  • 1 Likes

Resolved! issue downloading release notes

I've been having issues downloading release notes regularly. The download doesn't even start, no matter if initiated from the support page or from the PA UI (Device-Software). Not a policy issue... Anyone else noticed that?

dieter_b by L4 Transporter
  • 2467 Views
  • 2 replies
  • 0 Likes

SSL VPN client is sending the PA traffic with other local interface IP

I realised that some traffic from several remote clients is going through the firewall with another remote-local IP address, different from my remote assigned-pool. Obviously, this traffic is being dropped. It happens with users accessing correctly to other services (with the correct VPN-assigned IP). Could it be a Global Protect issue? It start...

Resolved! Installing an Intermediate CA

I'm getting the following error when I perform a commit on a PA-3020. PAN-OS 5.0.1. I know I'm doing something wrong. I'm new to installing certs so feel free to point and laugh. I had a certificate signed by GoDaddy for use by Global Protect. It came signed by an Intermediate CA. I've created a chained certificate to make sure the Intermediat...

Intermittent Group Membership problem

We are currently having a problem with a new domain where the group membership intermittently disappears. If you run the command "show user user-IDs match-user domain\" (4.1.x) or "show user pan-agent user-IDs match-user domain\" (4.0.x) it shows users mapped to AD groups. This is happening on a single new domain where all other domains are worki...

rds by L2 Linker
  • 3156 Views
  • 3 replies
  • 0 Likes

Resolved! How to import device configuration into Panorama ?

Hello, We have a customer who has installed and configured a PanOS 5.0.0 A/P cluster of devices a while ago. Now he has bought a Panorama licence to centrally manage and report his devices. Is there a quick and straight way to import devices configurations into Panorama? I have seen this documentation that describes how to manually import a conf...

ldormond by L3 Networker
  • 3370 Views
  • 3 replies
  • 0 Likes

BGP Route Table

So in discussions with a few customers the BGP functionality has come up when peering with ISPs and replacing dedicated BGP equipment. The route table size on the PAN5060 is roughly 64000 routes. Most Universities have tables upwards of a 1/2 Million. Also Dynamic routing is currently unsupported on IPv6 as of PANOS5.0.2. As a workaround we...

amansour by L4 Transporter
  • 3356 Views
  • 1 replies
  • 1 Likes

two factor authentication tokens with PAN firewalls...

I am looking for a two factor authentication solution for PAN firewalls (Global Protect). Particularly interested in a mobile phone based app to provide security token or OTP to authenticate users via Global Protect. Anybody have any good or bad experiences with these?

sns.jon by L0 Member
  • 4671 Views
  • 5 replies
  • 0 Likes

Global Protect Client

Hi, I'm using radius (rsa) to authenticate GP users and can't get me head around the GP client configuration - specifically the section where you need to put a username and password. How can this be possible when the RSA token changes every minute? Can someone shed some light on this please. Thanks, Rod

djrodb by L3 Networker
  • 6188 Views
  • 7 replies
  • 0 Likes

Policy Based Forwarding (PBF) problem

I’ve got problem with policy based forwarding. I have 2 ISP - traffic to the 1st ISP is forwarded by pbf, to the 2nd – via default route. PBF rule monitors the remote target’s IP and availability of nexthop address. My question is: how the pbf is checking availability of the nexthop address. I have sniffer open on nexthop address host but I can’...

How to Lock down Search Engines to Safe Searches

Here are some custom vulnerabilities and one custom application I wrote to block unfiltered (Bad) searches on the big search engine sites. These were written in 3.1.0 software. UPDATE: See attached for 4.0 version of these vulnerabilities and custom application. Here is what they do: Bing: · Blocks all explicit content in images and videos Goog...

u2913 by Not applicable
  • 8322 Views
  • 3 replies
  • 0 Likes

Help on Global Protect using LDAP Authentication..

Hi, I've been having trouble with GP authentication using LDAP server. It seems like if I didn't set the SSL on the LDAP configuration, the AD is not able to communicate with the PAN. Even if I did set both of non SSL or SSL, it still didn't show any users and authentication at GP page failed. tail mp-log useridd.log Jan 17 16:56:24 Error: pan_ldap_ctr...

samsk by Not applicable
  • 4792 Views
  • 2 replies
  • 0 Likes