This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4433 Views
  • 0 replies
  • 0 Likes

Resolved! Network Access Control

Hi Guys! May someone help me with this - Is there capability with Palo Alto FWs to enable some sort of network access control for both wirelss and wired to control devices on our network? The goal is to be able to prevent non-company devices from connecting to our network.I don't think there is, but want to make sure. Much appreciated!

edemura by L0 Member
  • 8610 Views
  • 4 replies
  • 0 Likes

Handling of and Awareness of APP-ID shifts or new releases

I'm not sure how much it's been publicized, but there's a pretty significant improvement to how Palo is letting customers handle newly released APP-IDs or application shifts. Thus far when new app-ids are released customers just have to accept them without really understanding if the coming change will effect existing security policy. Well fi...

Resolved! Export named configuration failed

While trying to export the Named Configuration , the configuration is not getting downloaded. Only a 2 line text file as below is getting downloaded. ----------Begin file-------------- Could not retrieve config file.Invalid file path. --------------End file---------------- Product used : PA-3220 PAN OS 9.1.6 We are not using the Panaroma ...

bsashok by L0 Member
  • 3605 Views
  • 1 replies
  • 0 Likes

Resolved! Agentless User-Id integration

Dear Team, I will be integrating User-id agentless method, can i integrate with multiple AD servers to achieve this or is there some challenges to integrate agentless with multiple ad servers? regards, Doyen Admin

Monitoring the firewall

Hello, i would like to monitor the firewall using centreon. Unfortunately we are using the free version so we dont have access to the snmp and ssh plugins packs and we have to do everything by ourselves. To get CPU, uptime information and so on i can use snmp using OID. However to get more detailled informations i would like to run ssh comma...

zakergfx by L1 Bithead
  • 1597 Views
  • 1 replies
  • 0 Likes

Tunnel Monitoring

Hi Team, I wanted to setup Tunnel Monitoring for the Dynamic IPSec tunnels. Peer end IPs are dynamic, we have around 5 to 6 VPNs that we need to monitor. I was going through the SK where it says for Tunnel monitoring, we need to have IP address configured on the tunnel interface used for the VPN. And even the Tunnel interface IP can be any dummy...

System Log Events

Does anyone know if there's a list of all the events that get logged to the firewall System Log? If so, could you please point me to it? The Administrators Guide refers to this list however, I cannot find it. Kind regards,Jeff

jwolach by L4 Transporter
  • 3192 Views
  • 1 replies
  • 2 Likes

IPSec Phase 1 tunnel not connecting

Hello Everyone, Need your support to fix a FW to FW PA IPSec Phase 1 tunnel not connecting. I have checked the setting with the vendor and configuration is same at both the ends. Below are the debug logs from PA 2023-11-30 14:30:40.000 +0400 [DEBG]: { 3: }: 180 bytes from 5.41.58.98[500] to 215.70.10.151[500]2023-11-30 14:30:40.000 +0400...

Required PAN-OS 8.1.25-h1 for PA 3060

Hi, As per the advisory https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672 customer need to upgrade the PA 3060 from version 8.1.15 to 8.1.25-h1 or greater but i'm unable to see image 8.1.25 in firewall download section neither available on PA Support portal. Is 8....

PANOS 9.0 root partition fill in PA 3000 models

Hi Community, We are able to upgrade to PANOS 9.0 from any maintenance version of 8.1. Once we install Base version 9.0.0 and maintenance version 9.0.X root partition is getting filled upto 93 to 95%. Let say firewall is running in 9.0.6, If we want to upgrade to 9.0.8 we are unable to proceed because the root partition is full and software man...

vmware-carbon-black and App-ID

I've run into an issue with regard to deploying VMWare Carbon Black within my environment. There are a subset of endpoints that have never connected to the Internet directly and use proxy allowances for Windows Updates, etc. I have requested that the ports and URLs that VMWare Carbon Black uses have allowances so that can register successfully ...

programmatically create address objects.

Hi, Is there any way to programmatically create address objects, via API or something? I have a list of approx. 50 subnet ranges for which I need to create corresponding address objects in the firewall, hence was thinking if there is a quick and easy way of doing that instead of adding one at a time through GUI. Thanks, Fatema

fatemabw by L0 Member
  • 1866 Views
  • 1 replies
  • 0 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks