This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4136 Views
  • 0 replies
  • 0 Likes

Resolved! Track IP

Hi all,I have a setup with two ISP's where one is active and the other is redundant sitting in a VR. The routing and failover works fine but only if my actual link goes down on my main ISP which will pull the static route. Is there a way to do a track IP type command in order to check for upstream failures of the ISP.Thanks!

Resolved! Device Upgrade 2020 to 5000

Hi, We are planning to upgrade PAN 2020 series to 5020 or 5050. I am wondering if we can simply restore the backup of a 2020 on 5020 and everything should work fine. We are running software version 4.1.7. Currently we are running with active/standby pair of 2020 and we have two vwire, two HA and one captive portal interface on each box. Thanks, ...

ahmedf by Not applicable
  • 3614 Views
  • 4 replies
  • 0 Likes

Resolved! SSH Config

I need to allow a one time SSH connection from the Internet to my LAN for the configuration of a device. So far I have created an SSH service and security policy, allowing any device to connect to the external I.P. address of my PAN. I have also created a NAT rule pointing my Internet facing I.P. address to the devices' I.P. address. When I try ...

Custom Gmail Signature

DearsI have followed the tutorial below to create a custom signature in order to differentiate personnal gmail accounts to our corporate gmail.https://live.paloaltonetworks.com/docs/DOC-1494My problem is my domain is like domain.com.brIn the tutorial example they said for domain loggedoff.org context: http-req-url-pathvalue: /a/loggedoff\.orgis ...

realtime bandwidth graph for interfaces

I'm looking for realtime graphing of bandwidth going through the interfaces.Compareable to QOS graphing, see attached screenshot. But instead of divided per QOS class, divided per interface.Is it currently possible ?

dieter_b by L4 Transporter
  • 4700 Views
  • 2 replies
  • 0 Likes

Resolved! SSH decryption policy

Hi All,We have recently deployed PA devices in our network as IPS. We have configured SSH proxy and provide an exception with negate policy for the hosts. I have a basic question regarding decryption rule. I am assuming all rules work like firewalls with src zone + hosts (if any) + dst zone + dst hosts (if any) and services. Is it true for decry...

Resolved! User Identification Timeout - What to do ?

Dears, I have Palo Alto consolidated and working fine in my network but sometimes I have to do some changes on AD groups to give some rights to some users...I am realizing that all changes delays too much to take effect in Palo Alto, I think is because my agent have user identification timeout set to 45 minutes..In other words Palo ALto delays a...

Resolved! Commit All Failed

Hi,I getting commit all failed (Maximum number of address exceeded for this platform) when trying to install a policy on PA-200 and PA-500 firewalls. Any ideas on how to resolve this?Partie.

Panorama 4.1.7 issues

1. Dear Team,I have recently installed panorama software (Software Version 4.1.7) and after the configuration, I came across the following issues:· The managed devices in panorama software (Panorama Tab->Managed devices->shared policy status) are showing the shared policy status in out of sync mode.· I’m able to push the a...

itsecll by L1 Bithead
  • 2024 Views
  • 1 replies
  • 0 Likes

Mail filtering

Hello,Can someone explain or tell me where to find information about mail filtering ?For example, I'd like to be able to filter mail based on attachments (reject email with ".exe", etc.)Is it possible to do so ?Thank you,Yoann

support_A by Not applicable
  • 2042 Views
  • 1 replies
  • 0 Likes

Redundant links

Hello,I have a L3 deployment, and I need to support a link fail, Aggregate interface is not a solutions since QoS is not supported in aggregate interfaces, the firewall will be connected to the switch core but STP dont work in PA firewall. How can I get a redundant link maybe in physical layer with support for QoS?thanks in advance

proscar by Not applicable
  • 5102 Views
  • 3 replies
  • 1 Likes

Site Visited User Report by Time.

Hi,We have migrated from WebMarshal to using the PaloAlto and can generate most of the reports we need to except for a report that shows the time spent on a Website by a user over a selected period of time. This is quite handy to see who is really time wasting. If this report is possible can someone please assist with configuring it. Also if ...

Failed to get portal config from portal

What conditions allow the GP coffig to be downloaded? I have the GP configured and am able to dowload the client. No cert error. I am using a single cert. Firewall is in 4.1.4 & GP is on 1.1.4.Here is the error from the PANGP Service logs:(T6460) 04/08/12 19:03:59:055 Info (2375): msgtype = user_credential(T6460) 04/08/12 19:03:59:055 Deb...

msingh by Not applicable
  • 13441 Views
  • 7 replies
  • 0 Likes

Resolved! UserID not 'working'

I've got a PA500 pair with 4.1.7 where PAN agent has been replaced with group mapping, whereby I now need to install a user-id agent instead of the PAN agent to get any user details in the logs and use in policy (is that statement correct?)I'm having a few problems,* user accounts to IP devices seem to pick up the wrong one, from what I can thin...

Ante by Not applicable
  • 4500 Views
  • 4 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks