This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

Site to Site VPN issue

Hi, We have 3 sites with Palo Alto PA-415 devices. Site A is the headquarters, and Site B and C need to connect with a site to site VPN to Site A. We have Site A and B connected, but site A and C won't connect. We setup the VPN connection the same way. How can we troubleshoot this? We have a ton of experience with Sophos firewalls, but th...

PAN VM Security Policies -

I have setup my VM on a single desktop with 4 NICS to connect to different subnets and security zones and to have different interface setups for the VM. Two other desktops have NICS with different subnet scopes. I have created a rule to test ping traffic from zone 'A' to zone 'B' as an example. You can ping from a client in zone 'A' to a client...

Source user information is intermittently not visible in the traffic log.

he agent is installed on the ad server and user information is mapped and confirmed. However, source user information is not visible intermittently in the traffic log. This occurs even when it is the same application and the same external address. I would like to know why this may occur. The timeout is 45 minutes, and the symptoms are the same e...

How API to work with PA

Hi We like to set up API for palo alto and review related documents. I found there are a lot documents on API. but I am not familar with API in PA and do not know which documents is good for beginner to kick off. Anyone can share some documents link for understanding how to use API and explain how ACI to work with PA? Thank you very much!

kevinospf by L3 Networker
  • 1539 Views
  • 2 replies
  • 0 Likes

Checking NAT Pool Usage from the GUI

Hello community,I'm wondering if there is a way to check the usage of IP addresses in a NAT pool from the GUI and/or from Panorama. I'm interested in seeing which original IP addresses have been translated and what is the translated address. The CLI command equivalent for this is show running nat-rule-ippool <rule_name>I have checked the d...

WhatNot by L0 Member
  • 4463 Views
  • 2 replies
  • 0 Likes

FQDN Object in Policy - not working but FQDN seems to resolve properly

I've never had the opportunity to use or need to use an FQDN in a security policy before but my first attempt to do so does not seem to be working. I'm trying to use an FQDN to restrict IPSEC/IKE traffic from a Virtual Network Gateway (VNG) in Azure. The public IP has to be dynamically assigned and we tear down the VNG and put it back in place ...

PanOS 10.1: DHCP server missing hostnames / descriptions

PA220 running PanOS 10.1 managed via Panorama 10.1. Prior to PanOS 5.something, you could not add a description to an IP reservation in the DHCP server configuration. Later in 5.something, a description field was added. This works. You can add a description and see that description when looking at the DHCP Server configuration in Panorama o...

fjwcash by L4 Transporter
  • 1818 Views
  • 1 replies
  • 1 Likes

Resolved! DHCP feed to Cortex XDR

Dear all, I have troubles to feed our DHCP logs into Cortex XDR. I watched this Video: https://www.youtube.com/watch?v=rxmn1sYzIlY and for the installation I used this manual: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Ingest-Logs-from-Windows-DHCP-using-Elasticsearch-Filebeat?tocId=1oUsTnJzhhrKS...

PeterSchlageter_0-1696938683614.png
PeterMS by L1 Bithead
  • 4044 Views
  • 4 replies
  • 0 Likes

Removing a device from Panorama - what happens to shared objects?

I want to remove a device from Panorama and have it continue to work independently. I have a lot of shared objects - addresses, address groups, URL categories and schedules. What will happen to those objects when I remove the device using this procedure: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cmd6CAC will ...

indypl by L0 Member
  • 1430 Views
  • 1 replies
  • 0 Likes

Resolved! The Serial # no is showing as unknown!

Hello experts! In my Palo Alto web interface, the Serial# is showing as unknown, and I know that unknown means the firewall is not licensed. To view traffic logs on the firewall, you must install a valid capacity license. How can I have my firewall licensed? I have deployed the Palo Alto VM series firewall from the Azure marketplace. and the ...

NidhiNC01_0-1698722519479.png

Creating user-ip mappings from the command line.

Is it possible to authenticate machines to Captive portal from the command line? We have several linux machines who don't have access to the web browse only command line. Can these be authenticated through curl or any other command line tool?

Using PAN as a DHCP Server - MAC Addresses are Case Sensitive

Hi everyone, I'm having an issue trying to tell our account representative that PAN should treat upper-case or lower-case (or even mixed) MAC addresses as one entry. I say this because I had an entry in our PAN DHCP Server all in lower-case (entered manually); later, I copied a MAC address into the system was wondering why the device didn't p...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks