This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

CLI "target" command

Can someone please explain what the CLI "target" command actually does? It says that its for a "management session target". What does that actually mean?

jwolach by L4 Transporter
  • 2682 Views
  • 2 replies
  • 0 Likes

Resolved! MS-RDP NAT Issue

I am trying to create a static destination NAT to enable RDP access on port 3389 for one of my internal servers, but no matter what I try, it just doesn't seem to work. I've read through several KB articles as well as https://live.paloaltonetworks.com/docs/DOC-1517 and I've set everything up as it seems it should be, yet no NAT session is ever ...

HSRP:- Ideas / suggestions thoughts on how to achieve this using Palo Altos in Active/Passive.

Greetings Evereyone,I need some ideas / suggestions / thoughts on:For reference, I just attached a hand drawn network diagram.Just to provide a brief description, I have a network scenario that presently uses HSRP to maintain Active/Passive configuration on the border Cisco FWSMs firewalls. I will be replacing these FWSMs with Palo Altos in HA....

ARP load sharing

We are planning to set up HA in Active Active mode. The boxes sit in separate locations with Layer 2 network between them. Currently our guest Network site on our second PA-2020 with our LAN on the first. Wer had to put the guest Network on second box as we had an issue where we was filling the arp table. When you run Active Active how does a...

BBHLTD by Not applicable
  • 3065 Views
  • 2 replies
  • 1 Likes

Resolved! Ldap Proxy

Hi,in what situations should we use user-id agent as Ldap Proxy ? And when we select this function, how agent behaves?

Resolved! Exclude config snippet from HA sync?

Hi,I've deployed two standalone firewalls...i.e., non-HA. And have been using the interface comment field to document the switch port that interface is connected to. I'm now building an active/passive cluster and noticed that when I sync the configs, the passive firewall gets its interface comments overwritten with the comments from the active...

Empty Reports, What a I missing?

I am new to the PaloAlto world, and admittedly somewhat overwhelmed at the moment. I am working with the reporting features and not getting even close to the results I expect. Particularly when I run a "User Activity Report", I get a 5 page PDF and all pages read "No Data Available" see attached reportEmpty Report. I figure I am not logging some...

Process to change to HA from cold spare

The HA documentation states that one should start with a 'clean slate' when implementing HA. I currently have one PA-500 in production on 4.1.4 and another PA-500 as a cold spare. The production PA-500 has 2 unused traffic ports that can be used for HA. I would like to know what the least disruptive process is to change from cold spare to active...

pkuhnen by L0 Member
  • 5628 Views
  • 6 replies
  • 0 Likes

top bandwidth usage

is there a way to fined the top bandwidth usage in PA 4.1.x in the exact moment that i need , because usually i have to wait for 15 minutes to get it from the ACC.bandwidth

Question regarding unknown application behaviour

Lets say you configure a rule with:Application = AnyService = Custom Service (TCP port 12345)Now when the AppID engine cannot match anything I guess it classifies the traffic as "unknown-tcp".Will the traffic be allowed (because unknown-tcp is part of Any and the firewall will practically act as statefull firewall) or will it be denied?What is t...

Anon1 by L4 Transporter
  • 4756 Views
  • 5 replies
  • 0 Likes

Resolved! MDT and GP client

What's everyone using to deploy GP client? We're finding that because the GP client is not populated with any information(when downloading it from our PA firewall) it's causing problems with the MDT process. The MDT process stops as the GP client pops up expecting you to put the GW IP.Any help or guidance would be appreciated ThanksRodglo

djrodb by L3 Networker
  • 3094 Views
  • 1 replies
  • 0 Likes

Resolved! How to Fix - Error in getting locked users?

I have users locked out and yet when I go to Device > Authentication Profile is how this error in the Locked Users column "Error in getting locked users". What is cause and how do I fix it?This has now come up fairly often.System PA-2020 with 4.0.4 code.

Assigning VPN User a Static IP

We have a customer who is running a specific thick application that requires the user to have the same IP address every time they attempt to authenticate to their servers. In the office this is not an issue since we can assign them a static IP and then do NAT based on that IP address. However, they need these users be able to VPN in and use the ...

jmahoney by L1 Bithead
  • 4279 Views
  • 2 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks