This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4456 Views
  • 0 replies
  • 0 Likes

PanOS 11.1.0 Upgrade - Panorama Refuses to Commit or Push on a Multi-VSYS System

Hey Team,Has anyone encountered any problems performing the PanOS 11.1.0 Upgrade? I've encountered the following issue after an upgrade, where PanOS (Panorama) would not commit changes, much less push them to our devices. The configd.log file shows the following: 2023-12-09 16:36:16.778 +1100 DG-push(selective): Waiting for DG file to be writt...

not able to open support case

Hi, When I try to open support case error message coming up saying "Problem Category is missing". Although I select the product as PAN-OS while creating the case. BR, Alaa

aasaggaf by L0 Member
  • 916 Views
  • 1 replies
  • 0 Likes

Best upgrade practice with HA Pair ?

We are preparing to update this weekend to 10.2.7 to resolve the expiring root certificate issue. We have an HA pair that we want to failover while upgrading as to not disrupt service. While I have the upgrade path from the Palo documentation what I am not sure of is if I can fully upgrade the secondary, failover and then fully upgrade the prima...

Walt by L1 Bithead
  • 3909 Views
  • 1 replies
  • 0 Likes

Setting Up Double NAT over a site-to-site VPN

Hi, I've been trying to read up on if it is possible to set up what Cisco would call "Twice NAT" on Palo Alto, and while there seems to be a lot out there for really odd fringe cases, I'm struggling to find anything on what I think would be a really common scenario. So hopefully someone can help. We currently have 2 organizations that need t...

BGP failover not working as expected

Hi Our PA 220 is running 2 eBGP's with 2 CE (WAN) routers. Those 2 CE routers will run eBGP with respective ISP's. We control the routing through Local preference. Routes learned via primary CE 1 has LP of 500 Routes learned via secondary CE 2 has LP of 250 What happened was BGP went down between CE 1 and ISP. BGP didn't go down betwe...

Paloalto can't block hotspot shield.

Dear all, I am currently facing paloalto can't block and see hotspot shield app.Our organization do not want to use ssl decryption to block hotspot shield. Any other solutions to block hotsport shield without decryption ??? Thanks.

zm.tun by L1 Bithead
  • 10714 Views
  • 8 replies
  • 0 Likes

Panorama Upgrade

Hi Team, I am setting up a new Panorama. Where not even created the Device Groups and Templates yet. I need to upgrade the Panorama but i am not able to do that. I am able to reach internet but unable to fetch the softwares, is there anything that needs to be done to fetch the softwares? Regards, Sanjay S

Resolved! LACP MAC Movement and Doubts

Dear Folks, First time I'm deploying PAs with LACP active/passive for HA solutions. I have some doubts couldn't get enough information from Internet source. 1. In the event, if one firewall goes down, PC on SW1 goes down, how this mac and arp movement happening? Interestingly when I give show interface on PA's both FW1 & 2 sharin...

Ramakrishnan_3-1702285551757.png

redistribute static routes including next hop as next VR in ospf

we have two VR1. Default :eth1/1 - 10.1.1.0/24 L3_LAN Zoneeth1/2 - 10.1.2.0/24 L3_DMZ zoneeth1/3 - internet 2.New_VRtunnel interface tunnel.1_global protect tunneleth1/4 - Branch Core ------- PA ------------------Branch routerWe want to enable ospf in New_VR . As per requirement DMZ subnet of default VR and GP ip pool should redistribute via ...

Deepak25 by L3 Networker
  • 3618 Views
  • 2 replies
  • 0 Likes

auto commit issues after upgrade to 10.x

Hi, We started to experience auto commit finishing delay on our PA-5220 after the upgrade to 10.x. We have a pair of HA PA-5220 in active/passive mode, we never had an auto commit issue before in previous updates, reboots of the firewalls. We have upgraded numerous times before from 8.x all the way to 10.x. In our recent upgrade to 10.1.x, t...

RREALICA by L2 Linker
  • 22538 Views
  • 14 replies
  • 9 Likes

Upgrade of 5260

Dear Team,I have upgraded PA-5260 from 10.0.12 to 10.1.9-h3 and faced weird, issues after the upgrade the customers monitoring system has generated some errors like this >> "device 'slot-1 data processor' status is 'down' "" we have checked and slot1- dp1 these are up but the error in their monitoring system is still alive, can some one as...

Resolved! VPN Traffic not match configured policy hitting default trust to Untrust

Need some assistance with A S2S VPN - We have configured a Similar tunnel from another site to destination 3rd party peer and it's working. The 2nd site is configured the same as the working one. What I cant figure out is the tunnel is up, both tunnel interfaces are up. The Virtual router has static routes to desti primary with metric of 10 and ...

bobany89_0-1701713992772.png

Manual Gateway Selection in GP

Hi Team, We are unable to select the Gateway manually in GP may i know how to set this up? Users needs to get the option to select the Gateway manually. This is quite urgent please help. Regards, Sanjay S

RFC1006 protocol over TCP

Hi has anyone heard of this protocol, give simple example of how it works AND whether or not it's supported by Palo Alto ?

daz12 by L1 Bithead
  • 1051 Views
  • 1 replies
  • 0 Likes
  • 24377 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks