General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 416 Views
  • 0 replies
  • 2 Likes

Resolved! user-id-agent unexpected here

Hello, 

 

i just update pan os from 9.1.6 to 10. 

And on one of the firewall i get error:

..........
Validation Error:
user-id-agent unexpected here
vsys is invalid
[edit]

 

Could you please advice were can be the problem.

Thank you!

stef by L2 Linker
  • 9076 Views
  • 5 replies
  • 0 Likes

Resolved! PBF for incoming traffic

Hello everyone,

I've a setup on a PA-820 cluster with 3 ISP connections.

Every connection has its own zone (for clarity WAN-1, WAN-2 and WAN-3) and the default route in the virtual router is for WAN-2.

I need to publish some services from my DMZ subn

...

vulnerability block-ip inoperative

I put anti-spyware vulnerability protection

critical, high The action is set to block-ip 1800

From the threat log, we can see that spware is effective, but vulnerability is not effective, it is drop, not block-ip

I also checked flahs like client to s

...

Palo Alto Firewall Lab

Hello

I just finished a Palo Alto Firewall course and I want to practice what I learned. I have a PA firewall as a virtual machine.

Where can I find some free practice labs with questions and objectives, for hands-on work?

And what software do I need

...

Device Telemetry to Cortex Data Lake

Hello,

 

just finished to setup Cortex Data Lake on my PA-220 (without Panorama, using the Hub).

 

After enabling Telemetry (as asked by 10.0.1) and setting up the Telemetry Region as my Cortex Data Lake region (Europe) the status for Device, Product

...

Schermata 2020-09-29 alle 22.37.32.png
duccio by L0 Member
  • 13780 Views
  • 7 replies
  • 1 Likes

DNS Server Profile on a vsys

I set up an additional vsys for a different network with it's own DNS servers, which send the integrated user-id to the relevant domain controllers. A DNS Server Profile and proxy have been setup in the additional vsys. But the user-id DNS requests a

...

Resolved! error message after Panorama boot

Hi Anyone can help to take a look at the below error message after Panorama started to boot? Thanks

 

 

[<ffffffff8114bb1d>] ext3_writeback_writepage+0xc4/0x159
[<ffffffff810b80bd>] __writepage+0xe/0x26
[<ffffffff810b8561>] write_cache_pages+0x25d/0x36

...

Application and Threat update failing

hi,

 

I am trying to update my content (Application and Threat) under Dynamic update, however it is continuosly failing with the below error,

Enqueued Dequeued ID Type Status Result Completed
--------------------------------------------------------------

...

Resolved! Arp Cache out time- Can be changed need to confirm

 

I was able to change the default arp cache timeout from 1800 to 3600.

 

as shown below

 

 

set system setting arp-cache-timeout
<value> <60-65535> ARP cache timeout interval, in seconds

> set system setting arp-cache-timeout 3600

ARP cache timeout:3600

mparm

...

MP18 by Cyber Elite
  • 8185 Views
  • 5 replies
  • 0 Likes

Resolved! no internet when connected to vpn

just setup GlobalProtect, when anyone connects to the vpn, they are able to access my company resources (file shares, remote server connections, etc) but they lose their internet connection.  i have noticed that we are not getting a gateway assigned

...

branedge by L2 Linker
  • 2332 Views
  • 4 replies
  • 0 Likes

Resolved! Precedence of Routing\NAT\Policy

Dear All,

 

Dear All,

 

I want to know what is correct precedence among Routing\NAT\Security Policy

 

So If a packet hits on the outside zone of the Firewall then whether below process is correct?

1. Whether FW has route for the destination\5.5.5.5 (

...

  • 23695 Posts
  • 110 Subscriptions
Top Solution Authors
Labels