This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

PA 850

hello we have deployed a HA 850 series cluster we have users complaining about problems with: voice quality on MS Teams screen freezes video & audio out of sync Q is there a configuration I should use to optimise the MS Teams network performance ? Q are there any logs /packet captures I should run to try and identify the issue ? thanks

Resolved! Understanding some counters from pow performance during high CPU troubleshooting

Hi all, I was troubleshooting one of our customers pa 5220 high CPU utilization based on this KB article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmV2CAK It gives a pretty good explanation of how to interpret these outputs to determine what is utilizing CPU. So I found and calculated the most used processe...

{"status":500,"timestamp"

i am trying to register a new account to register a product... getting an error message {"status":500,"timestamp":"2024-01-14T16:30:48.473895602Z"}

Resolved! PA 220 Dataplane restart automatically.

Hi Team, We have noticed that our PA 220 device data plane has been restarted automatically. Pan OS: 10.0.6 Please find the logs below, 2021-09-24 10:36:23.126 +0530 INFO: flow_ctrl_pktlog_forwarding: exited, Core: False, Exit code: 02021-09-24 10:36:23.290 +0530 INFO: flow_mgmt: exited, Core: False, Exit code: 02021-09-24 10:36:23.487 +0530 INF...

VishnuPS by L3 Networker
  • 9350 Views
  • 8 replies
  • 0 Likes

ARP refresh in firewall if replacing the connected device

we are changing the core device hardware connected to Palo alto firewall inside interface. To minimize downtime we will be moving inside interface of secondary passive firewall to new secondary core and then we will make it active by suspending primary firewall. Is there any ARP issue or delay in arp refresh on Secondary firewall as we will live...

Deepak25 by L3 Networker
  • 1424 Views
  • 1 replies
  • 0 Likes

Resolved! Features column in Network Interface shows an IPSec Gateway

I have a HA pair of PA 5220s at the HQ location and a PA-850 at a secondary DR location. We have about 100 remote sites that have a primary Site-to-Site VPN connection to HQ and a secondary connection to the DR location. Each of which have their own IKE Gateway configuration. I've just noticed that when I look at the Network/Interfaces/Ethernet ...

Impact of license expiry

I need the impact below license expiry. This is not in terms of any OS version. This is a gen query. -SD WAN License -BrightCloud URL Filtering -GlobalProtect Portal -GlobalProtect Gateway I intend to get the below bullets:- -What one can still do, -What one can no longer do,

description contains 'Failed to connect to address: x.x.x.x port: 3978, conn id: triallr-x.x.x.x-x.x.x.x' )

ipsec vpn, global protect is not set. 34.122.191.141 > google address 200.200.200.200 > loopback address I found a Cortex logging service error, but I don't know how to solve it in detail. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POOtCAO I want to turn off the corresponding log.

qmso475_0-1705371110137.png
qmso475 by L3 Networker
  • 1927 Views
  • 1 replies
  • 0 Likes

PBF Rules being ignored

I have setup several PBFs to force traffic to use a specific egress interface for monitoring that particular path. I then setup a ping monitor on one of the servers, Source Address 192.168.200.15, to ping several different Destination Addresses (DA). The SA is the same for each 'monitor' but the DA is different. The PBF is then setup to forwa...

rmcrae by L3 Networker
  • 4235 Views
  • 3 replies
  • 0 Likes

Resolved! Confused about HA Path Monitoring recovery (Preemptive loop)

Hello,So this is a document: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClhJCASWhich states:When a link or path monitoring (or both) failure condition is detected by the HA daemon on the Active device, it moves in non-functional state.When the monitoring state is restored, the non-functional nodes moves into passiv...

Active Directory Users & Computers slow over GlobalProtect

We are experience an issue that I am curious if anyone else has encountered. When any of us IT folk are VPN'd in via GlobalProtect (tested on different internet connections, hardwired and wifi) whenever we open up MSFT Management Console Active Directories Users & Computers, it takes about 5-7 minutes to open. I can see the traffic in our t...

ShippG by L1 Bithead
  • 52198 Views
  • 30 replies
  • 0 Likes

New Area for Engineering Blogs on LIVEcommunity!

We are excited to announce a new Engineering Blogs section on LIVEcommunity, exclusively curated by Palo Alto Networks engineers! This dedicated area will be home to technical posts about Palo Alto Networks innovations to build scalable and reliable systems, products, and features for our customer's cybersecurity solutions. In our inaugural po...

jennaqualls by Community Team Member
  • 2857 Views
  • 2 replies
  • 3 Likes

Resolved! Seeing error on commit: Management Server failed to send ID request to client device.

Seeing error on commit: Management Server failed to send ID request to client device. ResolutionRestart both management and device server. Run the following commands:> debug software restart device-server> debug software restart management-server Are these commands disruptive and used in production without impact?

New RCE on GlobalProtect if you didnt change the master key

Hello All, I saw the below on twitter... I wrote a tool to check master key configuration on palo alto firewalls and so far I haven't run into any instances of people actually changing the master key from p1a2l3o4a5l6t7o8 gist.github.com check if a PAN firewall is using the default master key when globalprotect is enabled check i...

OtakarKlier_0-1659529373594.png

URL Filtering wrong categorization

Hi Members, Whenever the users try to access our Internal server, The traffic is blocked in URL filtering category as adult. Can Someone help me how the palo alto categorize my ip address as Adult category the URL shown as pornhub.com. but when I am checking my ip in URL test, It is showing Unknown. URL. Someone can help how palo alto catego...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks