This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4239 Views
  • 0 replies
  • 0 Likes

IPSec VPN using RSA key on the other site

i have a problem regarding the configuration of PALO ALTO IPSec VPN because the other remote sites are using RSA key Authentication for IPSec VPN. They bougth Palo Alto to change there existing firewall Astaro. And now were in the implementation to migrate all the policy to Palo Alto. And i figure out that there is no option of RSA key Authentic...

janm by Not applicable
  • 4672 Views
  • 5 replies
  • 0 Likes

PA-2050 have problem performance CPU dataplane. (80 -95% all time)

PA-2050 have problem performance CPU dataplane. (80 -95% all time)Deploy paloalto 4 zones (inside, outside, DMZ, Server)Enable IPS, Antivirus, Antispywarefirmware version 4.0.7Throughput avearage 200 - 250 MbpsConnection 20000 - 30000 sessionTesting disable layer 7 application with create Application overide policy between inside and Server zone...

Resolved! Is there a way to add multiple (many) IP addresses to a security policy at once?

I am trying to adjust a security rule that I have in place that blocks incoming traffic from multiple IP hosts.In the rule I currently have approx 100 IP host explicitly blocked (spammers)I am trying to add another group that I have taken from my mail server (approx 150)Is there a way I can modify and add all of those addresses at once instead o...

JW-LGH by L0 Member
  • 7154 Views
  • 2 replies
  • 0 Likes

is it possible to apply user-id at SBC environment?

I had a test related to User-ID with PNA Agent for AD. This environment has a little unusual and It is called a SBC (Server Based Computing). I tried to apply User-ID with PAN Agent for AD but it was not working as my intention. Clients must access remote desktop to run application throughout SBC. Clearly, clients have a domain login to access...

willstech by L3 Networker
  • 4441 Views
  • 8 replies
  • 0 Likes

"Application is already in use" commiting custom application addition

Hello,I am trying to import a few custom applications via XML files I downloaded from my PaloAlto vendor. I did try this before with some that I found here in this forum when running PAN 3.1. I am now on PAN 4.1 (though I may have seen this problem before I updated). Now when I import the XML most of them say they failed to insert, but when I...

gsvarney by L1 Bithead
  • 12689 Views
  • 3 replies
  • 0 Likes

Traffic with no data (???) is denied

Hello,I have a PA 2050 device that is configured to allow specified traffic (multiple rules) and one rule that deny all other traffic (at the bottom).When looking at the "Deny all" rule, I can see a lot of packets that should be allowed by specific rules above that are denied with no data (see screenshot bellow). Is it normal ? And what does it ...

ldormond by L3 Networker
  • 4242 Views
  • 3 replies
  • 0 Likes

No Rule Groups ?

Juniper/Checkpoint and other Vendors allow you to create rule groups. Basically headers to organize functional rules/policies together. I think this goes a long way to keeping you policy organized. There's no way to do this ?Thanks,Justin

jhickey by L3 Networker
  • 2185 Views
  • 1 replies
  • 0 Likes

Resolved! Passive FTP issue after upgrade to v4.1.0 (NAT issue?)

After upgrading to version 4.1.0 on my PA2050 in HA (Active-passive) passive FTP is no longer possible to our FTP server.When users logon they timeout on the MLSD command (in binary mode) I'm looking at NAT because the issue does not arise when accessing the same server from within the network. The FTP server is in the DMZ and doesn't NAT for in...

question of the way of configuration for Authenticating Administrator Using IAS for PAN device.

I’d like to apply AD Authenticating Administrator Using IAS for PAN device.And i also installed IAS on the Active-Directory Server. I tried to apply it follow link below, but I’ve been failed.https://live.paloaltonetworks.com/docs/DOC-1196As additional information, PAN is 4.0.7 and Window version is server 2003. Please let me know if someone who...

willstech by L3 Networker
  • 1756 Views
  • 1 replies
  • 0 Likes

migrate local objects to Panorama shared objects

Hello, I have 3 PA-500 that are running as stand alone devices. I've purchased Panorama as I am planning to add more devices. Currently my 3 PA-500 have about 150 objects that I would like to import to Panorama as shared objects so I can make 1 change that will replicate everywhere. What is the best way to:Copy/clone local PA-500 objects to Pano...

essnet by L4 Transporter
  • 6850 Views
  • 6 replies
  • 0 Likes

Email notification - server requires authentication

Is it possible to establish an email server under [ device -> server profiles -> email ] with authentication parameters? Our email servers require auth but I don't see a way of configuring this. Otherwise, does anyone have alternative ideas?I'm running PAN OS 3.1.10, 4.0.7, and 4.1.1Of note - I'm trying to configure the email server so I...

  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks