This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

changing computers on network from static to dhcp

we are now changing over to dhcp on our network for our computers and they are currently setup with static ip. Any computer in palo that is blocked from the internet or going outside is setup with the name of workstation and the ip address. Since the ip addresses are going to changeeverytime they reboot how am i going to be able to keep those...

mprogc by Not applicable
  • 1889 Views
  • 1 replies
  • 0 Likes

Captive Portal auto popup

I was wondering if there was any way to have the browser popup with the CP login page whenever a user tries to use anything (email, chat, etc) that requires internet connectivity. I've seen this in some hotels before and think it would be useful here. Just so they know what they have to do to be able to get out. We have most things blocked fo...

bvest by Not applicable
  • 2742 Views
  • 1 replies
  • 0 Likes

OSPF Resets

While doing some testing on a PA pair at a new site, I noticed that at least one type of configuration change would apparently cause OSPF to reset and lose all of the routes out of the site. Specifically, I was enabling and disabling IPv6 on interfaces. When I would commit the change, the site would drop communications for thirty seconds or so u...

cosx by L2 Linker
  • 1980 Views
  • 1 replies
  • 0 Likes

Poor Man's HA

Greetings,We have a single PA-500 which we will be putting guest (non-critical) internet traffic behind. Currntly it is patched in as such:eth1/1: L3 - Trustedeth1/2: L3 - UntrustedIs there anyway to leverage HA between interfaces on the same device? Reason being is if one of the up-stream switches fails, I'd like to not have to physically mov...

mrsold by Not applicable
  • 3385 Views
  • 4 replies
  • 0 Likes

NetConnect OS support

When will NetConnect support Linux/Unix and Ipad? Am I correct that currently Netconnect only supports:Windows 7 32-bitWindows 7 64BitMacOS 10.5 32-bitMacOS 10.6 32-bit??

general problems

hi, we cant use automated updates since Nov 24th .when i try to update from dynamic updates it gives this error. ”Failed to check content upgrade info due to generic communication error. Please try again later”. when i try to update from file it looks like this. 221-813, 221-813 Unknown Unknown 0 KB Unknow...

blueteam by Not applicable
  • 5640 Views
  • 7 replies
  • 0 Likes

HTTPS apps identified without decryption

Hi all,in my configuration I have neither SSL Decryption implemented nor URL Filtering. I only have 1 policy: "trust to untrst accept all" in Vwire. PANOS 4.0.2If, from my PC behind PAN device, I try to go to: _https://www.facebook.com_PAN device shows me the app facebook-base in the Traffic Logs.If I put a block policy for all facebook traffic ...

Config file

hello everyone,good day to you.have a little question... its it possible to upload a config file generated from a pa-2020 then upload it on a pa-2050 ?regards,bp

Packet Drops under 3.1.8 / 3.1.9?

This is more of an FYI than a question. I want to share what my company is going through so we can all learn from each other.We monitor our network by sending out pings every 500ms. We have multiple ping sources going to scores of endpoints. Then, we correlate and report on the data. We've been doing this for years. We've got a good understandin...

markjx by Not applicable
  • 3467 Views
  • 2 replies
  • 0 Likes

Resolved! DHCP Option - Is it possible?

I know that the DHCP service offered on the Palo Alto firewalls is quite limited but I wondered if anyone has had any success in setting up specific DHCP options?We have a requirement to set DHCP options 66 and 67 for PXE boot - this is possible on most DHCP implementations, including our previous Juniper SSG (ScreenOS) firewalls.Any advice woul...

Problem with ipsec vpn session

HiI hope that someone can bring some insight in to this problem.The situation is this:Two out of seven configured ipsec tunnels are having some kind of connection issue. Our monitoring system will notify me that the VPN connection is down. I have then tried to "ping" the inside interface of the remote firewall (Fortigate in this case), with no r...

admin3r by Not applicable
  • 11201 Views
  • 9 replies
  • 0 Likes

Is there a limit on the icmp pakets size?

Hello,We try to make ping throw a PAN-4020 device, whene we try with a 1023 byte pakets it works, but wehen we try with a 1024 byte pakets this is rejected by the PAN. Is there any limit on the icmp paket size?Also, whene we activate the jumbo frame mode on the device, is there any impact on traffic or on the function of the device (reboot requi...

asia by L3 Networker
  • 2902 Views
  • 1 replies
  • 0 Likes

vwire loop into tap port for QoS demo

Guys,To show QoS, when running a PoC using out of band traffic, will connecting a tap port via the factory v-wire interfaces work?So out of switch mirroring traffic, into trust vwire->untrust vwire->tap ?Thoughts?

KatanaNZ by L3 Networker
  • 4418 Views
  • 5 replies
  • 0 Likes

Image File Authentication Error Failed to extract rpm file

when I am updating my application and threat dabase to 260-1085, I am getting following error.content update failed with the following messages: Image File Authentication Error Failed to extract rpm file /opt/pancfg/mgmt/content-images/tmp/panupv2-all-contents-260-1085.tgz Following is my disk usage.admin@PA-2050> show system disk-spaceFilesy...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks