This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Inbound NAT Question

Hello-I am running PA-4050's in an HA oair with s/w version 4.0.7. I have a "guest-wi-fi" zone and Untrust Zone. I currently have an outbound NAT rule for the Guest wifi pool (10.250.98.0/24) to the Untrust Zone using the source address of the wifi pool (10.250.98.0/24) going to destination "any" using dynamic IP and Port translation to 123.12...

Resolved! upgrading pan os from downloaded file

hijust setting up a PA 200 - i have the URL and virus all up to datebox is running PAN OS 4.1.0i have 5 of these boxes to upgrade so i downloaded PAN OS 4.1.1 and 4.1.2i goto software option and select install from file - and i just see software file IMG and no drop down options...where do i need to locate the downloaded OS files for the PAN to ...

sue_town by Not applicable
  • 2950 Views
  • 2 replies
  • 0 Likes

PA 2020 Active/Passive Cluster on SFP Ports

Hi,I have two 2020 Palo-Alto firewalls with serial no.0004C102807 and 0004C102848. I have to configure them in Active /Passive Cluster. As per the design the two PA Firewalls are not in the same location and they are at different locations and Ethernet Cable (Cat-6) will not be laid between the two Buildings(becoz of distance constraint). Howev...

itsecll by L1 Bithead
  • 3178 Views
  • 3 replies
  • 0 Likes

url filtering with groups moved user

I have 2 surfing policies one referencing group1 the other group2if I move a user from group 1 to group 2 he is still restricted by the group 1 policieshow do I force the panagent to look again and get the list of group to user again

Trying to configure GlobalProtect VPN with user certificates on 4.1.x

Hello-I currently have a PA-500 running 4.1.2 and am trying to configure a client certificate-based VPN as outlined in this document: However, that document is for the old NetConnect (pre-4.1.x) VPNs so I've been trying to merge the instructions contained therein with the the 4.1.x GlobalProtect instructions:I have been able to get the appropria...

PA in active-active mode and Cluster ID

Dear all,we ran into a strange problem tonight.We are running PA 4.0.8 in active/active because me might encounter asymmetric routing.We have two A/A clusters in different data centers. Both clusters have the same cluster ID.The traffic is going only over one cluster by design. We checked the traffic counters on the routers and confirmed that on...

AndreasB by L2 Linker
  • 2671 Views
  • 1 replies
  • 0 Likes

Bulk creation of host objects

We need to create a large number host objects (i.e. IP address objects). Tech support only pointed us to a KP article "Using the XML API" which is Greek to me. Does anyone have any suggestions/solutions? I would think that someone would have needed to do this before me and found a way. Thanks.

legeremt by L0 Member
  • 6624 Views
  • 5 replies
  • 0 Likes

Trap SNMP for threat

Hi all,From the mib file named PAN-TRAPS.mib I can see that there are some information about threat objects.Is there anybody who knows how to use this.I have tried to generate some threats but no traps were sent to the manager.ThanksBruno

Need assistance creating a custom application

I have a warehouse management system, and I need to identify the traffic from the WMS client. Here is a section of the tcp stream from a packet capture: V103^46^^~0~~0~~-1^=^002050^get encryption information V103^45^45736^0^0^^1^1^s^~name~4~4~name~name~^S4^none V104^73^2^^^66^^^~0~~0~~-1^=^002306^list comp versions where base_prog_id = 'D...

bhayes by L1 Bithead
  • 3058 Views
  • 3 replies
  • 0 Likes

Routing between Virutal Systems with a VWIRE

We currently have our Main PA configured in a VWIRE deployment with a TRUST and UNTRUST Zone. We have many different VLANs on our network and the default route for all internet bound traffic passes through the VWIRE.We want to configure multiple VSYS on the PA for our different divisions. Example VSYS1 - Enterprise, VSYS2 - Retail, VSYS3 - Publ...

What is everyone using for anti-spam?

Sorry if this is inappropriate here, but I figure who else better to ask than other Palo Alto Networks customers.As much as I love our PANs, unlike some other firewalls, they don't really help with spam. So I'm wondering if other users would mind sharing their success stories.Our current solution is GFI Vipre Email Security on the Exchange 2010 ...

bjdraw by Not applicable
  • 6565 Views
  • 2 replies
  • 0 Likes

Resolved! Allowing access to Facebook and Twitter

We have a setup where we restrict users access to personal and social sites like twitter and facebook to lunchtimes and out of hours, which is working fine using a schedule.We however have a select group of users who require full time access to facebook and twitter for the Council pages/accounts (only those sites).I have tried setting up a rule ...

lhank by L0 Member
  • 7856 Views
  • 5 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks