This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

PBF Monitor with tunnel Interface

Hi,I want to use PBF with IPSEC tunnel to handle failover.I have 2 tunnels with the same proxy id, so I need to route a network between one tunnel, and if this tunnel is down I need to automatically route to the second tunnel.But how to use monitoring in the PBF rule with a tunnel interface?I think I have to configure a IP on the tunnel interfac...

martin by L0 Member
  • 3127 Views
  • 1 replies
  • 0 Likes

Global Protect Licensing for Differing PA Models in a Network

There are specific, per device type, Global Protect licensing SKUs. If a customer/enterprise has multiple PAN device types on their network, is it necessary that each has it's own specific corresponding SKU type applied to it, or are they in fact interchangable? -Thanks

Chrisoph by Not applicable
  • 2376 Views
  • 2 replies
  • 0 Likes

Block App-id Youtube

Can anyonetell me step-by-step how to block youtube using an app-id? I have never used app-ids before and need a quick lesson. 🙂

dfrench by Not applicable
  • 2995 Views
  • 1 replies
  • 0 Likes

Resolved! don't understand the user identification difference between pan-agent of the and userid-agent.

I use PAN-OS 4.1.3 for test about user identification. I try to use pan-agent by set LDAP server profile and set mapping group already. Then I can use only user groups of AD (user name in group not show) in security policy but can't see user name in "source user" in traffic log. In case I use UserID-agent, I will use user name from AD in secur...

SSH Remote Command Execution for Config Files

Hey Guys,I was curious if there was a way to run a command remotely via SSH to the PAN Device to dump configs.I was thinking of a way to dump the output of "pa2050-1> show config running" to a flat file that I can hopefully do version checking on.However, when trying the following SSH command, it seems to not work and hangs the connection up:...

ikinnexi by Not applicable
  • 5410 Views
  • 1 replies
  • 0 Likes

Sizing PA Devices

I need to know if there is any report/graf in PA that shows the throughput peak, simultaneus session peak, in a custom time period. This would be great for sizing equipment after analizing the traffic of a costumer during some days. It will be very usefull to know how are you using your equipment and the grow prosibilities you have.I have been l...

DHCP Routing on PALO ALTO 2020

Hello,I'm about to try to route dhcp traffic dhcp over my palo alto, but it does not work. Is there an equivalent of "helper-address" known on some routers. My client and my dhcp server are not on the same network, my palo is on the midle betwen my dhcp client and the server. thank you

Resolved! Upgrading Panorama and firewalls from 3.1.8 to 4.1.3

Looking to upgrade our Panorama and mix of 500, 2000 and 4000 HA units from 3.1.8 to 4.1.3.We understand that we need to jump to 4.0 first, and then to 4.1.3 as there is no direct upgrade path.Here are some of the questions however:Can we upgrade Panorama 3.1.8 -> 4.0 -> 4.1.3, and then do the same to the firewalls at a later time? What's ...

KGC by L3 Networker
  • 4134 Views
  • 3 replies
  • 0 Likes

User-ID: Radius

Our students that use our wireless must authenticate to Cisco ACS using their domain credentials before gaining access to the network. How can I setup my User-ID agents to properly log the student wireless name and ip? Will this need to be a change on the domain controller, acs, or the pan-agent?Thanks for any advice!

u10723 by Not applicable
  • 3124 Views
  • 1 replies
  • 0 Likes

User-ID PanOS 4.1

In regard to user identification of traffic, older implementations of PAN we would install the PAN-Agent, but after reading a bit more on the 4.1 it seems I would no longer need to use the agent in an Active Directory installation. Is there any documentation on how to do this for multiple DCs in multiple domains? We are in the midst of a domain...

u10723 by Not applicable
  • 5252 Views
  • 6 replies
  • 0 Likes

Increase Data plane CPU on PA-500

Hi, every body!I used Palo Alto - 500 with version 4.0.1On this device, Data plane CPU alway about 6-20%. I want to increase Data plane CPU on Pa-500 (4.0.1)Please help me How to increase CPU up to 70-90% ???Thanks all !!!

thenlee by Not applicable
  • 2923 Views
  • 3 replies
  • 0 Likes

Resolved! How does dns-proxy in Vsys Configuration works?

I'm trying to use different dns server for FQDN objects in each vsys.My platform is PA5020 v4.0.9., and I can see dns-proxy field in vsys creation window.According to the explanation in '?' help page, it says something about interface.Which interface does it point?What is the difference between interface in dns-proxy config window and this?If so...

emr_1 by L5 Sessionator
  • 4884 Views
  • 2 replies
  • 0 Likes

Resolved! Rogue/Fake Antivirus Malware detection?

I was wondering if there is any way to detect the Rogue/Fake Antivirus Malware that is making its way around the internet?A couple in paticular are Internet Security 2010, Antivirus Live and Advanced Virus Remover.Thanks,D

PA 500, Hairpin routing and front ending certs

I am trying to implement a Exchange 2010 setup and the consultant is asking if the PA can handle HairPin routng and if it can front end the certs for the Exchange systems. I haven't a clue and google results were less than clear, so am turning to the forums and hopeing someone else does. Anyone?

u7483 by Not applicable
  • 2919 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks