General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

PAN-OS Expiration Versions

HI, Currently on version Current version: 9.1.12-h3 for both our firewalls. My team leader has downloaded version: 9.1.12-h6 for me to finish and upgrade to as she is now on leave. Just wondering if the version she has downloaded will be adequate enough to rectify the expiry of the current PAN OS on the 31st of Dec. Will there be any outag...

mzengin by L0 Member
  • 1463 Views
  • 2 replies
  • 0 Likes

Resolved! dhcp restart?

I am using the dhcpd on the Palo Alto firewall, and have seen some strange relase patterns, is there away to do a shutdown/start or a restart on the daemon?

erantanen by Not applicable
  • 12204 Views
  • 5 replies
  • 0 Likes

Palo 1410 - Inability to ping my through ISP

New to Palo Alto. Have installed a new PA 1410. This is directly attached to the Ciena 3924 device provided by the ISP. Connecting a laptop to that device allows full internet access. The external interface to access the internet on the Palo Alto is ethernet 1/6. This interface is directly connected to the Ciena 3924. It is part of an outside zo...

jlopez01 by L0 Member
  • 2477 Views
  • 3 replies
  • 0 Likes

DNS server can't access to management interface

Hello, I don't know if this is a normal behavior or not. We have 3 DNS servers. DNS_ADNS_BDNS_CWe are not able to ping or ssh/http to the management interface from the DNS server, if this DNS server is configured as DNS server in the firewall.When we configure DNS_A and DNS_B as a primary and secondary DNS servers in the firewall, we are not abl...

Global Find search results show spinning wheel, unable to expand results after PAN-OS upgrade to 9.1.16

Does anyone know if there is a CLI command to restart, or way to rebuild, the search database? After upgrading to 9.1.16 I am unable to expand search result details for attached objects/policies, instead it hangs with a spinning wheel. Additionally, I can no long view Change Summary before committing changes (nothing happens when pressing the bu...

2023-07-21_092159.png

Resolved! Support for Open LDAP

Hi All,Does Palo Alto supports LDAP running in Linux operating systems? If yes, does the configuration is the same when using active directory?Thanks,Rex

Certification expiratio - Redistribution question.

Hi, We are not using redistribution in our FWs. We just have our PAs connected to a UIAgent. So i understand that we dont need to upgrade FWs, just install app&threats version. The point here, that PA releases a python script and its marking like redistribution is enabled. If we run the service command for redistribution its enabled but no...

BigPalo by L4 Transporter
  • 1368 Views
  • 2 replies
  • 0 Likes

Asking about poor response time resulted in the sales team using personal attacks.

Several times now Palo Alto sales representatives have accused me of the “fact” of my unresponsiveness/unavailability being the reason for a case taking so long (it was never resolved). This concerns me greatly as I have always tried to respond in a timely fashion and be available when needed. This accusation has been used several times over the...

alberthoffpauir_0-1702680507172.png

Resolved! SNAT for multi WAN IP

Hi All, I have ISP provide 4 public IPs can be use. But I can use 1 public ip to outbound traffic only., if i create another SNAT to 2nd public IP, it can't go out to internet. e.g. Interface IP: 20.1.20.20/29 Not work NAT configuration NAT: DMZ NAT : DMZ Source IP 10.1.10.0/24 to DIPP 20.1.20.21-20.1.20.22 APP SNAT: DMZ2 Source IP : 10....

jthk215 by L0 Member
  • 1884 Views
  • 1 replies
  • 0 Likes

Panorama Policy Push Failed

Hi Team, I am unable to push policy from Panorama to one of the firewalls. Getting the Commit Failed due to below reason. . ssl vpn cert file (CERT_GW) processing failed. (Module: rasmgr). global-protect-gateway tunnel interface (tunnel.1) in vsys (vsys1) parsing failed. (Module: rasmgr). client rasmgr phase 1 failure. Commit failed Please h...

Resolved! Windows update URLs with IP addresses show up as unknown

Hi, we have set our PA-440 (PAN-OS 10.1) to block all unknown URLs, which works amazingly well. However, I am seeing more and more URLs getting blocked which are probably for Windows updates that contain an IP address like 151.139.87.98/phf/c/doc/ph/prod5/msdownload/update/software/defu/2023/12/1024/am_delta_patch_1.403.99.0_ccea2ad383853e202858...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels