This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4107 Views
  • 0 replies
  • 0 Likes

static routes for 2 wan links with DHCP dynamic IPs

Hi everyone, I would like to ask for some assistance in my configuration, the palo alto firewall has been so far a pretty frustrating experience, I guess due to my lack of knowledge of Pas i have 2 wan dhcp dynamic ips links I would like to implement some redundancy if 1 link goes down - the second link activates and when the primary goes ...

nevolex by L3 Networker
  • 3189 Views
  • 2 replies
  • 0 Likes

Resolved! What privileges required by service account used by palo alto firewall in LDAP server profile to fetch group information from LDAP server

What privileges required by service account used by palo alto firewall in LDAP server profile to fetch group information from LDAP server for group mapping?Do we need admin privilege ? oris it enough that we need service account only to be a member of the following groupsEvent Log Reader Distributed COM Users Server Operators

perumalj by L2 Linker
  • 12523 Views
  • 3 replies
  • 1 Likes

Site to Site VPN issue

Hi, We have 3 sites with Palo Alto PA-415 devices. Site A is the headquarters, and Site B and C need to connect with a site to site VPN to Site A. We have Site A and B connected, but site A and C won't connect. We setup the VPN connection the same way. How can we troubleshoot this? We have a ton of experience with Sophos firewalls, but th...

PAN VM Security Policies -

I have setup my VM on a single desktop with 4 NICS to connect to different subnets and security zones and to have different interface setups for the VM. Two other desktops have NICS with different subnet scopes. I have created a rule to test ping traffic from zone 'A' to zone 'B' as an example. You can ping from a client in zone 'A' to a client...

Source user information is intermittently not visible in the traffic log.

he agent is installed on the ad server and user information is mapped and confirmed. However, source user information is not visible intermittently in the traffic log. This occurs even when it is the same application and the same external address. I would like to know why this may occur. The timeout is 45 minutes, and the symptoms are the same e...

How API to work with PA

Hi We like to set up API for palo alto and review related documents. I found there are a lot documents on API. but I am not familar with API in PA and do not know which documents is good for beginner to kick off. Anyone can share some documents link for understanding how to use API and explain how ACI to work with PA? Thank you very much!

kevinospf by L3 Networker
  • 1499 Views
  • 2 replies
  • 0 Likes

Checking NAT Pool Usage from the GUI

Hello community,I'm wondering if there is a way to check the usage of IP addresses in a NAT pool from the GUI and/or from Panorama. I'm interested in seeing which original IP addresses have been translated and what is the translated address. The CLI command equivalent for this is show running nat-rule-ippool <rule_name>I have checked the d...

WhatNot by L0 Member
  • 4296 Views
  • 2 replies
  • 0 Likes

FQDN Object in Policy - not working but FQDN seems to resolve properly

I've never had the opportunity to use or need to use an FQDN in a security policy before but my first attempt to do so does not seem to be working. I'm trying to use an FQDN to restrict IPSEC/IKE traffic from a Virtual Network Gateway (VNG) in Azure. The public IP has to be dynamically assigned and we tear down the VNG and put it back in place ...

PanOS 10.1: DHCP server missing hostnames / descriptions

PA220 running PanOS 10.1 managed via Panorama 10.1. Prior to PanOS 5.something, you could not add a description to an IP reservation in the DHCP server configuration. Later in 5.something, a description field was added. This works. You can add a description and see that description when looking at the DHCP Server configuration in Panorama o...

fjwcash by L4 Transporter
  • 1765 Views
  • 1 replies
  • 1 Likes

Resolved! DHCP feed to Cortex XDR

Dear all, I have troubles to feed our DHCP logs into Cortex XDR. I watched this Video: https://www.youtube.com/watch?v=rxmn1sYzIlY and for the installation I used this manual: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Ingest-Logs-from-Windows-DHCP-using-Elasticsearch-Filebeat?tocId=1oUsTnJzhhrKS...

PeterSchlageter_0-1696938683614.png
PeterMS by L1 Bithead
  • 3952 Views
  • 4 replies
  • 0 Likes

Removing a device from Panorama - what happens to shared objects?

I want to remove a device from Panorama and have it continue to work independently. I have a lot of shared objects - addresses, address groups, URL categories and schedules. What will happen to those objects when I remove the device using this procedure: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cmd6CAC will ...

indypl by L0 Member
  • 1382 Views
  • 1 replies
  • 0 Likes

Resolved! The Serial # no is showing as unknown!

Hello experts! In my Palo Alto web interface, the Serial# is showing as unknown, and I know that unknown means the firewall is not licensed. To view traffic logs on the firewall, you must install a valid capacity license. How can I have my firewall licensed? I have deployed the Palo Alto VM series firewall from the Azure marketplace. and the ...

NidhiNC01_0-1698722519479.png

Creating user-ip mappings from the command line.

Is it possible to authenticate machines to Captive portal from the command line? We have several linux machines who don't have access to the web browse only command line. Can these be authenticated through curl or any other command line tool?

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks