This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Zone to Zone for OWA/activesync?

Our users private devices are on a separate subnet/vlan and a separate PA zone using the Google DNS servers. I have been forcing a captive portal in order to enable user ID for these devices. This has been working fine.I have set a rule so that these devices can access our exchange server via OWA/activesync by going out to the internet and hit...

BobW by L4 Transporter
  • 3235 Views
  • 3 replies
  • 0 Likes

Resolved! Panorama: Is it possible to assign an admin role to a vsys?

In Panorama, is it possible to assign an admin role to a vsys? I don't see the option on the admin role tab in Panorama. I only see it on the device itself. Please see attached screen shots as a comparison between the Panorama view and the Device view. Thank you.

bbsoc by L2 Linker
  • 5444 Views
  • 2 replies
  • 0 Likes

Resolved! Has anyone ever seen this on the physical interfaces.

Was working for a while the the interface decided to go down and I kept getting this warning every time I commit. I have checked both ends and it seems to me that the 10gig interface on the palo side is bad. Both are the same so I do not understand why I keep getting this message. e1/21 is green but e1/22 is red and will not come up.Warning: ...

Resolved! PA200 process running at 100%

Hi there,I've seen a task called pan_task taking up 100% cpu on two of my PA200's. Is this a PA200 specific thing? Not seen this on any other hardware platform, looking into it further it does not look like it's actually using 100% CPU, wondering if it's something to do with the single cpu architecture and splitting the two cores to backplane/ma...

Ante by Not applicable
  • 6977 Views
  • 3 replies
  • 0 Likes

Which logs to check for firewall auto reboot?

Hello,I need to go through the logs to check why the active PAN 2020 rebooted itself. I only have access to the cli (I have to ssh via the now active FW).Which logs should I check?? Under mp-log there is a whole bunch of logs I am not sure which one to check for system failure related issues.The reboot time is suspiciously close to the applicati...

BTS_MS by L2 Linker
  • 21058 Views
  • 3 replies
  • 1 Likes

BrightCloud to BlueCoat Category mapping?

Is there a more recent Blue Coat WebFilter to BrightCloud URL Category mapping? I found the document from Jan2011 that lists the categories and the recommended mappings at that time. However in the last 2 years both vendors have added and removed categories and changed the descriptions of some of their existing categories. A more recent mappi...

robertb by L0 Member
  • 2541 Views
  • 1 replies
  • 0 Likes

Firmware 4.0.8 to 4.1.8

I am new to Palo Alto firewalls and I am hoping this a quick easy question for somebody who is more familiar with them. I would to like to upgrade my PA500 to latest firmware. It looks like the latest release is 4.1.8 (I am using 4.0.8). I have downloaded 4.1.8 to the firewall. Once I click install on 4.1.8, will that require a reboot of the fir...

PAN only takes the first category of an URL from Brightcloud

Here is an example:www.aetna.com is rated on the website of Brightcloud as "Business and Economy" and "Health and Medicine"."test url www.aetna.com" results in a "Business and Economy", which could cause some legal issues when traffic to "Health and Medicine" should not be performed due to privacy reasons.Are there any plans to change that in t...

Policy Based Forwarding only works when using specific IP

Thinking outloud here...I would like to record voice traffic for VPN connected customer service agents.Traffic comes in a VPN-HomeRouters tunnel from a 10. IP range.The PBF works when setting source Zone and IP, Next Hop and 1 destination IP.When i change the IP to a range then the forwarding gets skipped (i'm thinking because of the Virtual Rou...

Resolved! Captive portal behavior with Ipads/Iphones

I am using the CP quite successfully. However, I am running into some strange behavior with the Iphones and ipads.If I connect a (non AD Bound) computer to the wireless, it connects fine and I get prompted for the captive portal only when I try to get to the internet. Perfect behavior.When I attach on Ipad or Ipod to the wireless, as soon as i...

BobW by L4 Transporter
  • 8836 Views
  • 4 replies
  • 1 Likes

Resolved! 46076 ARP issue and 5.0.1

Hey,Has this been fixed in PANOS 5.0.1 release? It has no reference in resolved issues in release notes to that release. However this KB article says it should be fixed in 5.0.1: Can anyone confirm that this has been fixed for 5050 and release 5.0.1?

Resolved! How to Ping Public IP on PA500 Interface from same PA Untrust Interface

Currently we have a Guest Wireless network setup behind our PA. We'd like to use this network as a test network as well, for certain projects we are working on, to act as if it was outside the network. I have done this in the past with other vendor firewalls but I have not been successful in making this happen on a Palo Alto.Right now, when I co...

ARP timeout

Hello,We have a customer who is facing issue described by this KB article :I wonder whether it is possible to change the default timeout value which is set to 1800 seconds ?It could be very helpfull in some situations, and most of the network devices allow to change this value.I searched the Admin guide and CLI guide as well as the KB but I didn...

ldormond by L3 Networker
  • 4292 Views
  • 3 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks