This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4146 Views
  • 0 replies
  • 0 Likes

Resolved! Palo PA-415 on High-availability but Wireless access points only have 1 network port.

So I have a very small site and PA-415 seems like a idea firewall to that, but we have a company policy which we have to have a HA on a firewall. I'm trying to not to use a switch given that PA-415 have a 8 poe ports. issues APs we use only have 1 ethernet port. Is there a way to do HA on this scenario. I'm trying to get an AP with 2 network ...

din100 by L3 Networker
  • 3459 Views
  • 2 replies
  • 0 Likes

Resolved! HA failover logs

In PA-3220, are HA logs enabled by default? Does these logs contain the reason for transition between HA primary and secondary?

Resolved! Botnet reporting error command failed with no output

Hi All, Did a replacement of a PA FW 5260 (pan-os 10.1.x) with a 5420 (pan-os 10.2.7) everything is working as expected.. however not able to view any botnet reports. botnet config in place under monitor\botnet\configuration. licenses are in place and updates up to date. in URL logs i can see logs for malware categories and blocked as expected. ...

PA_nts by L4 Transporter
  • 3426 Views
  • 2 replies
  • 0 Likes

Cisco ASA PA ipsec issue

Hi, We have recently come across an interesting issue between a Cisco ASA ikev2 tunnel with a PA. If I was to failover the PA to an HA peer, traffic initiated from the Cisco ASA continues to flow whilst traffic initiating from the PA stops. I noticed when the PA fails over the ASA drops both phases and recreates them with a new SPI value whilst ...

Resolved! Commit Error: failed to handle CONFIG_UPDATE_START Issue

Hi All, I think most of you had experienced this failure issue once in your worklife 🙂 🙂This error reason is mostly because config memory usage is too high.>debug dataplane show cfg-memstat statisticsAs we all know the number of custom url is limited and we will likely face this commit issue after this limit exceed. But we can not be aware...

Resolved! Queries on OSPF Route Summarization

Customer have configured OSPF peering with firewall and switches. Have multiple OSPF peering with different ZONEs via each sub interfaces. Currently we are receiving around 4k routes at DCE-ES for each peering. Since ES switch hardware not supporting that much routing entries, we need to do summarization for those routes. Need to know how to do ...

Resolved! problems with dns resolutions

Hello, I have a problem with a DNS resolution, in some users with the GP agent 5.2.10-6 we can reach a resource for example vmare.x.x, but with other users.There are several important points here:All users have the same version of the global protect agent.To reach the vware resource, the user connects to the VPN that is located on vsys 1 and goe...

Unable to license PAVM 30days Evaluation

Hi Folks, i like to try the new opportunity from Palo Alto to test the PAN VM for 30days. But for me it seems that this is the standard VM without any license.So here we go:https://www.paloaltonetworks.com/vm-series-trialSounds for me like a full featured PAN VM to try all the nice things.I tried to ESX and QEMU Images. At both versions i stuck ...

florianhahner_0-1634026365798.png
florianhahner_1-1634026506686.png

Resolved! Migrate remote access services from Pulse (Ivanti) Secure to PaloAlto

We currently run a pair of Palo Alto 5220's and are in the planning process for moving the VPN services from our Pulse Secure (Ivanti) appliances over to the PA and using Global Protect. On the Pulse appliance, there is an option to allow users to login to a web interface for controlled access to some internal resources if there is no VPN option...

Resolved! IPv6 over PPPoE

(apologies if this has been answered before, I'm new to this community but I didn't find any answers to this.)So basically my question is if it's possible to get IPv6 to work with PPPoE?I just installed PA200 in my home, and before the PA200 I had two PPPoE connections, one for IPv4 and one for IPv6 (different service-providers, since my main on...

Natti by L1 Bithead
  • 8632 Views
  • 7 replies
  • 1 Likes

nslookup on the management port ?

I would like to check a few DNS issues I'm seeing on the management port.I had hoped to find nslookup in the CLI, but it isn't there.Is there something equivalent ?Thanks.

DSTR by L0 Member
  • 40317 Views
  • 4 replies
  • 1 Likes

Looking for AI/ML tools for DoS/DDoS protections and traffic analysis

Hi all,Large organization - looking for recommendations of AI/ML tools that we could use to augment our traffic analysis and provide DoS/DDoS protections. I know there are many different ways this could be done but I'm just looking for some 1st-hand-experience on some solutions you guys implemented successfully:- I am not familiar w/ Palo's AI/M...

GlobalProtect reports a "Client Certificate Error" but still connects

Hello-I'm running a PA-500 on with GlobalProtect for VPN access. Just recently our users started experiencing an issue wherein they try to connect and receive a "Client Certificate Error" error dialog. However, after they click OK to close the dialog, the agent connects anyway. I investigated the issue myself and found what follows below. No...

  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks