General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 2904 Views
  • 2 replies
  • 14 Likes

Failed to commit policy to device after downgrading 10.0.0

Hi All,

 

We are trying to downgrade from 10.0.6 to 9.1.15. After we downgrade to 10.0.0 first , the auto commit have error. It mention failed to commit policy to device. Do anyone have go through the same problem? My suggestion is we just downgrade

...

Momoj by L2 Linker
  • 2132 Views
  • 3 replies
  • 0 Likes

Resolved! 3050 to 3250 Hardware Upgrade

Hi,

I will be upgrading my 3050 firewall (managed by panorama) to a 3250 soon and am curious if there are any best practices guides out there moving from a 3050 to a 3250?

 

Thanks!

Resolved! User ID Agent - Monitoring logs

We've noticed errors in the Monitoring logs of our Windows servers running the PAN Agent ID software.

The User ID is working fine but the error is continually filling the logs. (error screenshot attached)

 

PAN o/s 10.1.6 h3 and the Agent ID versio

...

Screenshot 2022-12-22 151042.jpg
vij by L1 Bithead
  • 1596 Views
  • 1 replies
  • 0 Likes

Resolved! threat log and traffic log time not match

Hi All, 

 

Same session id, see 37 entries in threat log at 9:28 and only 1 entry in traffic log at 11:16
Session ended reason is tcp-rst-from-client

There is a threat log before there is a traffic log
How to explain such a long time difference? Does a

...

Hsinyu by L1 Bithead
  • 1038 Views
  • 1 replies
  • 0 Likes

Resolved! dashboard session expire time

Dear Team,

 

If I look at the bottom of the dashboard, I can see 'session expire time'.

 

I think that option refers to the last time I logged out.

 

But the date info doesn't seem to fit

 

I would like to know what the setting is and why the time i

...

CHOEKyungJun_1-1671788957044.png

A way to correlate the logs for DNS Sinkhole?

Dear and valuable Live Community Members,

 

One of our customers came to us with some questions in regard to the issues he is facing to correlate the logs for DNS Sinkhole, and we are wondering if there is a solution to it.

 

The customer currently h

...

RMA replacement

Hi All,

 

We will doing a RMA replacement for PA-3220. The faulty unit is cannot access anymore from GUI or CLI and it's managed from Panorama. We only have the backup configuration and not the device state. So, what we should?

1)Do we replace the fa

...

Momoj by L2 Linker
  • 2394 Views
  • 13 replies
  • 0 Likes

RFC1918

Basic trust to untrust policy I see internal address sending snmp to addresses like 10.0.0.1, 192.168.1.x.

 

Do people create a policy to block internal traffic going to RFC1918 on the untrusted interface?

How to set 2FA to local superuser

Prerequisites

Currently,  user has two admin accounts.

  1. Default local admin account(Superuser)
  2. New local admin account synchronized with Cisco Duo(Superuser)

End user has to consider how to treat “Default local admin account”.

As a result of considerat

...

Config Change Tracking

Looking for suggestions of how others track config changes: who made the change and what changed; similar to config audit but for every change made over time. The goal is training and accountability.

 

I’m aware of Rancid, which may or may not work a

...

No "Apps Seen" / Policy Optimizer data on Panorama

Hi,

We have a new deployment of Panorama using Datalake storage.

Log data from the firewalls is successfully coming through to Panorama, however, there is no "Apps Seen" or info shown for apps under Policy Optimizer.

Rule Usage data is available, and

...

SARowe_NZ by L3 Networker
  • 2115 Views
  • 4 replies
  • 0 Likes
  • 24019 Posts
  • 99 Subscriptions
Top Solution Authors