This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4127 Views
  • 0 replies
  • 0 Likes

Resolved! How to Ping Public IP on PA500 Interface from same PA Untrust Interface

Currently we have a Guest Wireless network setup behind our PA. We'd like to use this network as a test network as well, for certain projects we are working on, to act as if it was outside the network. I have done this in the past with other vendor firewalls but I have not been successful in making this happen on a Palo Alto.Right now, when I co...

ARP timeout

Hello,We have a customer who is facing issue described by this KB article :I wonder whether it is possible to change the default timeout value which is set to 1800 seconds ?It could be very helpfull in some situations, and most of the network devices allow to change this value.I searched the Admin guide and CLI guide as well as the KB but I didn...

ldormond by L3 Networker
  • 4176 Views
  • 3 replies
  • 0 Likes

Radius access for MGT conflict radius for user access.

Dear,we use radius profiles for internal users towards a customer internal network policy server and so. The administration of the palo firewall is done via the MGT interface on a dedicted pvlan based administration network. We want to enable radius authentication for administrator purposes , but this seems to be impossible due to the fact that ...

gejack by L1 Bithead
  • 3295 Views
  • 1 replies
  • 0 Likes

Can I use DNS Proxy to Host External DNS?

Hello,I'm going through my first ever configuration of a PAN-500, coming from the McAfee Secure Firewall (Sidewinder). Our current firewall authoritatively hosts our external DNS records pointing to our MX records, etc, and I wanted to know if it's possible for the DNS Proxy module on the PAN-500 to do the same thing.Thank you.

Resolved! Support SSL/TLS Ciphers supported??

Hello GroupI am looking for the official list of supported and unsupported SSH/SSL ciphers on the Palo Alto Networks solution.Maybe I am not necessarily looking in the right location.Thank you.

scantwell by L4 Transporter
  • 4175 Views
  • 2 replies
  • 0 Likes

Resolved! Security Profile default actions

Once again I find myself searching for documentation, once again I am disappointed. There have been a couple posts over the years asking to see the magical "default actions" and the standard answer is "here's how, go look yourself"This is an unacceptable answer. Someone has the list - what's the secret? I'll bet it's even updated regularly.Come ...

dsinnott1 by Not applicable
  • 5876 Views
  • 5 replies
  • 0 Likes

Product sizing

hiwhat is the best way to size an appliance to find which model fits the customer network, is there a tool or a technique for it ? ..

u3974 by Not applicable
  • 3891 Views
  • 3 replies
  • 0 Likes

Resolved! Interface "attack" counters

Hi,With the command "show counter interface ethernet1/X" i see several counters related to different kinds of "attacks".land attacks ping-of-death attacks teardrop attacks ip spoof attacks mac spoof attacks I'm unable to find documentation or a desc...

torm by L4 Transporter
  • 3942 Views
  • 1 replies
  • 0 Likes

search traffic logs by vsys in CLI

Does anyone know how to specify your traffic logs by vsys and add multiple search parameters of the same type like you can in the gui? We are running PanOS 4.1.7. Notice that the app option does not show up anymore and and there is no vsys option.PA-1(active)> show log traffic action equal deny app not-equal not-applicable + csv-output cs...

Jinx by L1 Bithead
  • 2946 Views
  • 1 replies
  • 0 Likes

How do you allow Polycom (nat) via Palo Alto FW?

Hi,I'm having issue with configuring NATing for my Polycom unit sitting behind the firewall to work. I have allowed all the required apps for Polycom to allow outgoing and incoming. My issue is when I can only call out to another party with public IP but can't receive call from outside the network. I have both NAT rule for both ways in place....

akatev by L0 Member
  • 12050 Views
  • 15 replies
  • 0 Likes

Resolved! about certificate expired date

Hi All,Is there any way to custom certificate expired date that generate by paloalto itself ? I saw it on webpage that is too short, it only have six monthes.Thanks.Regards,Joy

  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks