This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Resolved! PA-500 work in cluster mode

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orph...

roshithw by Not applicable
  • 3270 Views
  • 2 replies
  • 0 Likes

Resolved! Leds in failover firewall with high Availability

Hi, is it normal that in passive unit of high availability the link leds of interfaces are switch off?. the high availability it's ok and synchronized.I don't find anything about that in documentation.Thank youSamuel

High CPU usage of Panorama

Hi,Our Panorama is running on a dual quad-core 2.66GHz + 4GB RAM + VMServer 2.0. We have a PA4020 appliance which has a persistent session count of roughly 250000 sessions. When we direct the logs of this PA4020 to Panorama, the CPU usage of Panorama jumps to 100% and becomes very slow (sometimes no responses at all).So anyone knows if Panoram...

ccnetwk by L0 Member
  • 5523 Views
  • 1 replies
  • 0 Likes

Vsys resource management

Hi Folks,We are in the process of evaluating Palo Alto. Can folks share some of their experiences on how to manage resources between Vsys? How do you manage Vsys 6 only gets x% of CPU etc...vs what other Vsys's are allowed. What is the max number of Vsys PA supports and what sort of numbers of Vsys do folks have in production...thanks,"newbie"

jsdietz by L0 Member
  • 2728 Views
  • 1 replies
  • 0 Likes

Export "SSL VPN/SSL INBOUND Inspection Certificate" in PAN-OS 3.0.6

hi,I can't find in PAN-OS 3.0.6 solution to export CERTIFICATE.I tried WEB-admin and CLI but without solution :scp export > application Use scp to export application packet capture> application-block-page Use scp to export application block comfort page> captive-portal-text Use scp to export captive porta...

IPSEC VPN Help?

I have a PA-500 at our main office.We have a smaller site that currently we have a point to point circuit to, however we may not renew the contract on this, and instead put in a cheaper but faster internet leased line, the idea being to link the two sites through a VPN tunnel.The other site is too small to justify another PA-500, and I think "Pl...

Blocking browsers ?

hi,i just need to know is it possible to block a browser e,g Firefox or Opera with application filter ? i need to implement a restricted policy to allow only IE for browsing ...appreciat any help..

u3974 by Not applicable
  • 3561 Views
  • 2 replies
  • 0 Likes

PA-500 Management NIC Dead?

Always seems to happen out of hours but... the management NIC on our PA-500 seems to have dropped off the face of the earth.I can't ping it, I can't SSH/Telnet to it, nor can I get to the web GUI.Fortunately the PAN does still appear to be passing traffic, but assuming there's no dead daemon/service that will automatically restart at some point...

Management of multiple devices in Panorama, what is shared ?

Hi,When managing multiple PA devices in Panorama, what information is shared ? I know it is possible to create device-groups, but this is only used for security policies.What about NAT, QoS, SSL decryption, Captive Portal, Policy based Forwarding ?And ofcourse settings for AD/LDAP/RADIUS servers ?RegardsFlorian

bigfloor by L2 Linker
  • 3079 Views
  • 2 replies
  • 0 Likes

Basic multiple-WAN-IP networking question

Some background, I am coming from a Sonicwall (which I'm not a big fan of, but I'm familiar with it) and I also have experience with the open-source pfSense system. I'm not super-knowledgeable regarding subnetting, but I have a basic understanding and I get how CIDR works and the correspondence between "slash-notation" and the typical decimal d...

bradenmcg by L3 Networker
  • 5647 Views
  • 3 replies
  • 0 Likes

Blocking bittorrent traffic

Hi,I have just found the time to start learning about our new firewall. As a test I have tried creating a policy for blocking bittorrent traffic, but it seems to have only limited effect. Transmission still happily downloads the torrent although I can see from the logs in the firewall that at least some of the traffic is being denied.Am I doing ...

MarioG by L1 Bithead
  • 8547 Views
  • 6 replies
  • 0 Likes

Uknown-tcp in application based policy logs !!

Hi,I'am using PAN-OS 3.0.9, and i have configured some policies in witch i allow some applications defined by application override. I noticed that in the logs associated to this policies, there are lines that are identified as "unknown-tcp" with action :"allow" and type "end", is this normal?Normaly the firewall should not allow this connexions ...

asia by L3 Networker
  • 5338 Views
  • 5 replies
  • 0 Likes

No version info in Virus install from panorama

Hello,When doing app/content installs it shows what version is installed on the end device, but when doing an anti-virus update it does not so you have to keep track of which ones were done. Is this a bug in the software or what do we need to do in order to fix this?Thanks,Doug

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks