This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

HA configuration

I just want to check if this configuration of HA active/active is possible on PANOS 4.0.x having single router as gateway and a core switch to connect to internal LAN. From what I have seen in the HA active/active configuration, seems like router and switches are also configured as HA. If this is possible, please help me understand how to config...

evaristov by Not applicable
  • 4030 Views
  • 2 replies
  • 0 Likes

Arp issues with L2 failover

Hi guys,We have a new PAN insatllation with a requirement for resilient links to two Cisco core switches running HSRP.We have configured the 2 interfaces on the PAN as L2 interfaces and assigned a VLAN which acts as the layer 3 IP. (see diag attached)When we shut one of the interfaces on the switch connectivity is lost and until we manually clea...

rds by L2 Linker
  • 9310 Views
  • 5 replies
  • 0 Likes

USing PAN in a VoIP Environment (Call Center)

Hello,we just deployed our PA2020 in a VoIP environment and we are having some issues as below :we are experiencing some audio problem on one segment , When we call a remote extention, we cannot hear our correspondent while they can hear us clearly.We noticed that for SIP phones, we are experiencing the same issue. we have checked for any rules ...

nettobe by L1 Bithead
  • 4267 Views
  • 3 replies
  • 0 Likes

Application definition - Java-Update

HiWe allowed file downloads for a group of users under the 'web-browsing' application but when they try to download a Jave update directly from the Java website, the application gets categorized as 'java-update' which is an application we block as we don't want PCs to auto-update Java.Does anyone know the criteria used to hit an application matc...

martji by Not applicable
  • 2453 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect - Force client connection

Hello everybody,I've configured GlobalProtect and everything seems works good.One thing is not clear for me.If a domain user has the agent on his laptop and he's outside, is there a metod for not avoid the agent?In my test if the user write a wrongh password the agent don't establish the connection and the user can surf internet avoiding corpora...

Resolved! Order of operation

Hi:What is the order of operation for traffic flowing through the box?For example, here's a list for CheckPoint (although it's incorrect):http://www.cpug.org/forums/miscellaneous/471-order-firewall-1-operations.htmlThanks!

Printing Settings

Hello,Is there a way I could print our Objects - Security Profiles - URL Filtering - profiles? We have 10 so far and I expect this to grow again this year. I would like to print them so our Administration Office can compare and evauate each profile for the new scahool year.FNichelson

UIA stopping unexpectedly and not starting automatically after a reboot

Our network has 10 Windows child domains. We have a UIA installed on 2 Domain Controllers (mix of 2003/2008 Windows Servers) in each child domain. On about 8 of our 20 UIAs we have had the UIA process stop unexpectedly or not start up automatically after a server reboot. Event logs are not pointing to the issue. We are using port 55555 for t...

legeremt by L0 Member
  • 2534 Views
  • 1 replies
  • 0 Likes

Using ACS with PA

Greetings,So, I'm looking to use ACS as a means for authentication for accessing our single PA device. I found this doc (https://live.paloaltonetworks.com/docs/DOC-1472) which has the configuration as well as the dictionary file. I guess I just have a few questions:1. Do I need to create it with all those groups? As in, are those groups only...

mrsold by Not applicable
  • 4963 Views
  • 3 replies
  • 0 Likes

Resolved! PA Security Policy is not working after comitting the change

Hi,We have a rule to allow ICMP between the DMZ server to an Internal Server and vice versa. When I added another Internal server to the rule, I saved, and I committed the change. Afterwards, it was still not working; I still cannot ping to my server. When I checked on the logs, everything showed OK, except under Application, it shows 'incomplet...

rmarquez by Not applicable
  • 2319 Views
  • 1 replies
  • 0 Likes

Cisco SCPS traffic being dropped

I thought I'd ask this here as I feel like it may show up again sometime if someone has an answer. We're deploying Palo Alto behind a pair of Cisco ASAs and there's a minor issue. It looks like (through packet capture on the Palo Altos) SCPS traffic is being dropped between the ASAs on their inside interfaces. The ASAs report an error about e...

Resolved! NAT Logging?

Does anyone know if the system logs previous NAT translations? I have the public IP of one of our users who may have committed a copyright violation and need to trace to the private IP. Also, is there any way to set the duration of NAT translations?Thanks in advance!

bvest by Not applicable
  • 3596 Views
  • 2 replies
  • 0 Likes

Resolved! Wild Card searching in Traffic Monitor

Hi all, This probably has a real simple answer but it has got me stumped. How do I do wild card searches in 4.x PAN Traffic logs ? For example, I want to find all traffic from a Class C subnet 192.168.1.x. Using a * does not seem to work ( ( addr.src in 192.168.1.* ) ) and throws a syntax error.Cheers,

dpenhall by L2 Linker
  • 10540 Views
  • 2 replies
  • 1 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks