This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Unexpected change by user __cloud_services - Anyone else get this today?

We use Panorama to manage Prisma access and have alerts configured for config changes. Today got an alert of a commit from user __cloud_services, from the loop back IP 127.0.0.1 I assumed I would look up this user in google and see that it's a service account used by the prisma access plugin for when changes are deployed but didn't find anythin...

Screenshot 2024-01-09 at 19.36.01.png
jbusby by L1 Bithead
  • 2605 Views
  • 2 replies
  • 0 Likes

version recomendada de PA-445

donde puedo verificar la version recomendada de actualizaccion de software para firewall pa-445, en tratado de ver en esta direccion :https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304 pero resulta que no estoy autorizado, me podria ayudar por favor la version recomendada para este fir...

PA-3420 will not detect SFPs on any port

My backup PA-3420 in an HA peer will not detect SFPs or link on any port (including copper) but the management. The primary unit detects and links on multiple SFP slots with multiple different SFP types and brands. The same SFPs in the backup unit will not detect. adrian.admin@PA_CorpEdge_A(active)> show system state | match sys.s1.p13.capa...

Resolved! Can not check Forward Trust Certificate

Hello. I'm having an issue with a setup of decryption. we have a custoemr who wants decryption. and they also have an entreprise CA. to have the least user impact they wanted to use an entreprise signed certificate for their ssl forward trust. I created a certificate as explained on palo alto resourceshttps://knowledgebase.paloaltonetworks.com/K...

PA-3420 sudden restart issue

Hi all, One of our clients has a PA-3420 HA-pair device with an active-passive setup, one day they noticed that their firewall went to reboot. Upon checking there are no signs on the system logs that encountered power interruption or hardware failures, we checked on using PANTS and the Auto assistant tool, but we did not find any event that poin...

Daryl_Cruz_0-1704781577308.png

Resolved! Palo PA-415 on High-availability but Wireless access points only have 1 network port.

So I have a very small site and PA-415 seems like a idea firewall to that, but we have a company policy which we have to have a HA on a firewall. I'm trying to not to use a switch given that PA-415 have a 8 poe ports. issues APs we use only have 1 ethernet port. Is there a way to do HA on this scenario. I'm trying to get an AP with 2 network ...

din100 by L3 Networker
  • 3432 Views
  • 2 replies
  • 0 Likes

Resolved! HA failover logs

In PA-3220, are HA logs enabled by default? Does these logs contain the reason for transition between HA primary and secondary?

Resolved! Botnet reporting error command failed with no output

Hi All, Did a replacement of a PA FW 5260 (pan-os 10.1.x) with a 5420 (pan-os 10.2.7) everything is working as expected.. however not able to view any botnet reports. botnet config in place under monitor\botnet\configuration. licenses are in place and updates up to date. in URL logs i can see logs for malware categories and blocked as expected. ...

PA_nts by L4 Transporter
  • 3406 Views
  • 2 replies
  • 0 Likes

Cisco ASA PA ipsec issue

Hi, We have recently come across an interesting issue between a Cisco ASA ikev2 tunnel with a PA. If I was to failover the PA to an HA peer, traffic initiated from the Cisco ASA continues to flow whilst traffic initiating from the PA stops. I noticed when the PA fails over the ASA drops both phases and recreates them with a new SPI value whilst ...

Resolved! Commit Error: failed to handle CONFIG_UPDATE_START Issue

Hi All, I think most of you had experienced this failure issue once in your worklife 🙂 🙂This error reason is mostly because config memory usage is too high.>debug dataplane show cfg-memstat statisticsAs we all know the number of custom url is limited and we will likely face this commit issue after this limit exceed. But we can not be aware...

Resolved! Queries on OSPF Route Summarization

Customer have configured OSPF peering with firewall and switches. Have multiple OSPF peering with different ZONEs via each sub interfaces. Currently we are receiving around 4k routes at DCE-ES for each peering. Since ES switch hardware not supporting that much routing entries, we need to do summarization for those routes. Need to know how to do ...

Resolved! problems with dns resolutions

Hello, I have a problem with a DNS resolution, in some users with the GP agent 5.2.10-6 we can reach a resource for example vmare.x.x, but with other users.There are several important points here:All users have the same version of the global protect agent.To reach the vware resource, the user connects to the VPN that is located on vsys 1 and goe...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks