This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Using PAN as a DHCP Server - MAC Addresses are Case Sensitive

Hi everyone, I'm having an issue trying to tell our account representative that PAN should treat upper-case or lower-case (or even mixed) MAC addresses as one entry. I say this because I had an entry in our PAN DHCP Server all in lower-case (entered manually); later, I copied a MAC address into the system was wondering why the device didn't p...

Resolved! DNS Security Filtering

DNS Security Filtering - baymanager.fullswingapps.com - has been classified as "phishing" and is currently being blocked by the DNS security filter on our PA firewall. This is a website for managing Full Swing Golf Pro simulator customer sessions on our equipment. How do we request a classification change for PAN DNS Security? Thanks.

IPSec Tunnel data flow

Hi All, I recently established an IPSec tunnel between our Palo Alto firewall and a Fortigate device. The connection appears to be functioning properly, as indicated by a green status. However, I've noticed that instead of utilizing the IPSec tunnel, data is being transferred through the WAN interface. Can anyone provide assistance with this i...

BRaj23 by L0 Member
  • 845 Views
  • 1 replies
  • 0 Likes

Resolved! Palo Alto Proxy IDs Bidirectional?

Hi everyone, I am a bit confused about proxy IDs when it comes to tunnel negotiation. Lets say I have a tunnel I am building with a vendor. My encryption domain will be 192.168.1.0/24 and my vendor will have 192.168.2.0/24. So lets also say the vendor has an ASA so I will add this proxy id to my phase 2 config: Source 192.168.1.0/24 Destination ...

PAN-186584

Happy Friday, Have anyone experimented similar behavior reported under PAN-186584 on VM-Series? #PAN-186584

Pre go-live Health checks for auto deployed VMs in AWS

Not sure how to post in the automation section anymore as it now has been moved to read only. Anyways.. need some insight please. so we recently did a POC to use Terrarorm to autoscale / deploy VMs in AWS cloud. all good and working. However we need to do a use case for health checks to verify a VM is setup correctly before it goes into produc...

PA_nts by L4 Transporter
  • 1330 Views
  • 2 replies
  • 0 Likes

Resolved! Why cant a URL be used directly in a policy?

Hi, I understand that to block an individual URL it has to be in a custom category before it can be used in a policy as a destination. For my own education and curiosity, my question is why must it be in a category? What is the processing logic in the firewall that makes this a requirement?

ABurger by L0 Member
  • 1714 Views
  • 2 replies
  • 0 Likes

HA mode with vwire

Not sure it this is the right location for this question but here we go ...I'm trying to replace 2 transparent ASA's in ACT/STDBY with 2 Palo's in the same setup vwire ACT/PAS. Current setup is the asa's are connected to 2 vpn servers in ACT/PAS config, the asa’s have a 3 interface BVI (2 inside interfaces one to each vpn server and 1 outside in...

Resolved! What are the Warning and Critical threshold values for the disk utilization (root partition)

Dear All, I hope you could help me with the query I could not find answer. The customers would like to monitor the disk space usage and he is asking about Warning and Critical threshold values for the disk utilization (root partition). Unfortunately, I could not find any information in the PA documentation about the above, but based to my kn...

Chromebook usernames in Palo Alto logs.

Hi, I was wanting to know if it is now possible to have the Palo Alto firewall log url traffic with the username from chromebooks. It shows the username for all windows users as it syncs with AD, but can't get the chromebook users to show up. I set Google to work with Cloud identity engine, thinking that might be a solution. So far can't get ...

dholmes by L0 Member
  • 2695 Views
  • 3 replies
  • 0 Likes

VPN event messages keep receiving

Hi, I have two IPSec tunnel configured between Azure PA firewall and cisco router. worried about continuously getting the informational event logs ikev2-nego-child-sart, ikev2-nego-child-fail & ikev2-recv-p2-delete Did the setting DH group to No PFS on palo alto side after that ikev2 KEv2 child SA negotiation is succeeded but still got the ...

VirupakshaRajapur_0-1691068863263.png

The backup file received through XMLAPI is different from the actual configuration.

Hello, I'm sending a backup file to Windows Server using XMLAPI. However, when compared to the actual exported configuration, the file size was different, so I checked and found that it was being sent to the Windows server in the format shown in the attached photo below. It appears that files without \n are being exported. Is there a solut...

sujichoi by L1 Bithead
  • 1681 Views
  • 2 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks