General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! HA Down Time

Dear Support:I want to know how long will the Standby PA become active ?According to the HA best practice , Running @ PA2020 & 4.1.8the HA statue is normal , all things are matchand the link monitor had setup , interface monitor set to shutdownI ping 8.8.8.8 -t at the internal networkI unplugin one of data interface , and the standby PA bec...

j.guo by L1 Bithead
  • 5853 Views
  • 4 replies
  • 0 Likes

Resolved! Export Object Addresses list

I see there is a way to export policies, is there a similar way to export my objects/addresses? I'm trying to do a little cleanup on my PA4020's and I'd like to send object lists to the people who requested their creation, to see if they are still valid. By the way, it would be VERY helpful if I could add a comment to an object, so I know who ...

bhelman by L2 Linker
  • 4396 Views
  • 3 replies
  • 0 Likes

Resolved! HA Lite Configuration A/P not working...

Hi All,Trying to configure a pair of PA-200's as an active-passive cluster using "HA lite". Right now both devices are showing active, so it seems the nodes do not see each other as cluster members. I have defined one HA link on both firewalls, ethernet1/2...they are connected together via a cross-over cable and both interfaces are showing UP....

Resolved! Deploying Dynamic Updates

We have a Panorama box, and I thought I would try to push apps and content version 192 out to our PA-2050s that are in an HA pair. We are running PAN OS 3.1.2 on the Panorama server and the PA-2050s. I downloaded the apps package, and began deploying it to the PA-2050s when I got this message:Image uploaded.Installation initiated.content update ...

mharding by L4 Transporter
  • 10431 Views
  • 10 replies
  • 0 Likes

Resolved! HA issues since upgrade to 4.1.8

Hi.I have two 2020's in a HA configuration.On software 4.1.7, when I modified configurations etc, the synchronisation worked just fine - every change was automatically synched to the passive node on commit.Now that I've upgraded to 4.1.8, more than half the time I commit a config change, it does *not* synch to the passive pair, and I have to rem...

darren_g by L4 Transporter
  • 3912 Views
  • 4 replies
  • 0 Likes

Resolved! Veeam Application-ID

This is probably a question more for Palo Alto networks, but I'm not sure where to submit this question, or request a new app-id. I was wondering if an application profile for Veeam Backup and Recovery will ever be created? I am not seeing anything in the applipedia and wondered if there was a plan for this. I might just have to create my own...

cmateam by L3 Networker
  • 4458 Views
  • 1 replies
  • 0 Likes

Manager Interface Protection

I would like to know a way to protect the manager interface because I´m undergoing brute force attack trying to access the “admin” account and I cannot use the permit address IP because I´m over a dynamic IP connection to manager the equipment. Is there a way to block an address after 3 login fail tentative or something like this?Regard

rrunge by Not applicable
  • 2570 Views
  • 1 replies
  • 0 Likes

Source user not found

Hi there,I have a random issue occur whereby one or two of my users seem to loose access to their internet privileges. I check on PA and it shows the traffic but no source user, which is what the rule for their internet access is based on. If we reboot their pc then it is fine again, but I just wondered what could be causing this to all of a sud...

JRussell by L3 Networker
  • 5135 Views
  • 7 replies
  • 0 Likes

Resolved! Multiple IPs on public facing interface

We have a number of IPs assigned by our ISP. I have been told that I can set incoming NAT rules for the IP addresses even if they are not "assigned" to the public facing interface. Is that accurate?Thanks,Bob

BobW by L4 Transporter
  • 8027 Views
  • 4 replies
  • 0 Likes

Resolved! Symantec NetBackup

I have been searching for an application or applications that cover Symantec NetBackup communications. I have not been able to find anything. Anyone running NetBackup (versions 6.x or 7.x) traffic over a PAN firewall? What applications does the PAN identify (or not)?

cosx by L2 Linker
  • 3443 Views
  • 2 replies
  • 0 Likes

Rules for one AD group

Hello,i'm french user of PA 500.i search for create one rule apply to one AD group.i have create 1 group in my AD and had one users in this Group.on my PA settings, in User agent ID, i have had my two Ad controllers. on this controllers, User ID agent is install.On Device-server profiles-LDAP, i have had a ldap profile, no problem.On Device-User...

anider by Not applicable
  • 2815 Views
  • 2 replies
  • 0 Likes

Resolved! PAN 200 Rack Mount

Hi all,I'm planning on purchasing a PAN 200 device very soon for a small site that I'm responsible for. I'd like to know what's in the box with regards to mounting it in a standard 19" rack. I know that there is a separate rack mount kit available for the device but from the cost of it I can only imagine it's something to make the unit go in a l...

UKRB by L3 Networker
  • 6148 Views
  • 8 replies
  • 0 Likes

What does this mean? (pan_dnsproxyd_parse_instance(mgmt-obj) failed)

Config commit phase 1 aborted(Module: device) pan_dnsproxyd_parse_instance(mgmt-obj) failed (Module: dnsproxyd) Commit failed Apart from the obvious (that the commit failed).I had just deleted the IP address of the management interface. What is the management interface really for? Do you have to use it? Do you have to have it configured? Why...

kjh by Not applicable
  • 2366 Views
  • 1 replies
  • 0 Likes

How to debug a Captive Portal Issue?

Hi, how can I debug the Captive Portal logon process?Because i getting a failed authentication error.The username and password are definitly correct.The user is in the group for the Captive Portal.Aug 29 09:51:32 pan_authd_process_authresult(pan_authd.c:1247): pan_authd_process_authresult: domain\name authresult not auth'edAug 29 09:51:32 User '...

  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels