General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 197 Views
  • 0 replies
  • 0 Likes

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 879 Views
  • 0 replies
  • 0 Likes

Authentication Fallback

Hello,

So, we currently authenticate administrators to our PA's via Radius (TACACS).  Is there a way to configure the PA's that it will only use the local DB / Administrators if Radius isn't available? 

Thanks!

mrsold by Not applicable
  • 10251 Views
  • 10 replies
  • 0 Likes

Rule hit count or unused rule in custom reports or CLI

There are no fields related to rule hit count or any way to identify unused rules in Panorama custom reports. Is there a way to get a consolidated view of unused rules across all device groups at once and not just through the policy page per device g

...

x2aembre by L0 Member
  • 1463 Views
  • 2 replies
  • 0 Likes

PA5410 Version 10.2.4 not allow to set offload to true

Hello
We are detecting sporadic CPU spikes on a FW 5410 version 10.2.4 , the average is fine however, we observe sporadic spikes of 95% 96% ...100%. Before with the old FW model we did not have this problem and we have not changed any configuration.

W

...

Alpalo by L4 Transporter
  • 1444 Views
  • 2 replies
  • 0 Likes

TCP-RST-FROM-CLIENT and TCS-RST-FROM-SERVER

Hi All, 

 

As captioned in subject, would like to get some clarity on the tcp-rst-from-client and tcp-rst-from-server session end reasons on monitor traffic.

 

Even with successful communication between User's source IP and Dst IP, we are seeing tcp-rst-

...

Jimmy20 by L2 Linker
  • 257160 Views
  • 6 replies
  • 2 Likes

Support account with personal email?

Purchased a 440 lab unit for my personal lab through my previous employer who is no longer in business (and inaccessible email) so I need to now register it with my own personal email but am having trouble. Trying to study for PCNSE after getting my

...

VK9H13 by L2 Linker
  • 1014 Views
  • 1 replies
  • 1 Likes

Upgrade VM-Series model - VM100 to VM300

Hello.

I have as a goal to upgrade the palo alto firewall from VM100 to VM300.

 

I am in a process of understanding the process, so I am wondering if I could get some assistance from this forum.

Thank you in advance.

 

Going through the guide

Upgrade

...

alwi by L0 Member
  • 1215 Views
  • 1 replies
  • 0 Likes

Cloud Identity Engine

While attempting to synchronize an on-premises server with Cloud Identity Engine, we encountered the following error

 

Confirm the domain name configured on the agent matches the Canonical Name of the domain controller to ensure Cloud Identity Engine

...

Screenshot 2023-05-24 221725.png
Screenshot 2023-05-24 221635.png

VPN Site-to-Site Private IP and Public IP

VPN Site-to-Site Private IP and Public IP

Good afternoon everyone, is it possible to set up a Site-to-Site VPN between a site with a Palo Alto Private IP and a Palo Alto Public IP.


Site Privado: PaloAlto---IpWan-192.168.1.254---Router/Modem--------Inte

...

Metgatz by L4 Transporter
  • 6636 Views
  • 7 replies
  • 0 Likes

SD-WAN Hub and Branch PANOS versions

Is there a requirement for PANOS version to match for SD-WAN or for the Hub site to be of a higher version of PANOS.

 

Example: Hub is on version 10.2.4, Branch is on 10.2.6

 

Would there be any issue with this?

teaton by L0 Member
  • 732 Views
  • 1 replies
  • 0 Likes

GP stops working when ecmp is enabled

We have Palo Alto firewall with three Internet links. One is a leased line and other two are ADSL links. I have configured ECMP on the two ADSL lines to load balance traffic on the two ADSL links. Global Protect is configured on the leased line. I ha

...

Dijesh by L1 Bithead
  • 3229 Views
  • 11 replies
  • 0 Likes

Resolved! Received Suspicious alerts "-- MARK --"


We are receiving suspicious alert from Palo Alto firewall on syslog server. how to stop receive these alerts. 


<46>Oct 24 05:50:14 PA-3020 -- MARK --
<46>Oct 24 06:10:14 PA-3020 -- MARK --
<46>Oct 24 06:50:14 PA-3020 -- MARK –

Karthi_N by L1 Bithead
  • 1767 Views
  • 2 replies
  • 0 Likes

Resolved! Self-Signed Certificate Issues

Hello everyone,

 

I am trying to make a self-signed cert for use with Global-Protect in my lab. I go into Device, Certificates, Generate, give the cert a name, Root_GP_Cert, common name of 192.168.189.155 which is the WAN side IP Address. Click the C

...

GWynn by L3 Networker
  • 5139 Views
  • 2 replies
  • 0 Likes
  • 24013 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels