This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4440 Views
  • 0 replies
  • 0 Likes

Palo Alto Mgmt IP sent huge traffics to the hawkeye services.

Hi Guys, I just want to ask. From my T1 firewall, i can see that my Palo Alto Mgmt IP is sending huge traffics to the hawkeye.services-edge.paloaltonetworks.com. You may refer to the attached picture. Is it normal our Palo Alto Mgmt Ip sent a large volume of traffics, which is around 20gb? What is the factor that influences the Mgmt IP to send...

Cannot create custom region

Running 10.1.6-h3 and in Panorama I go to objects, regions and click add but it won't let me add an IP Address. We only allow US traffic using a deny policy for anything other than the US and I have a need to add a single IP address in another country without allowing the whole country. I have two other custom regions but even editing those ...

stream timeout

Hello Palo Alto World! We are experiencing a "stream timeout" error when visiting srm.gzhtdq.com.cn (see also stream_timeout.png). When we disable GlobalProtect and do not use the VPN Tunnel, then the website works. I excluded the website from decryption, but it didn't help. I am not sure what the issue for this could be. The application bei...

Re-Opening a support case

I have a case that I need to get re-opened when the 'Manage Your Case' tab is not available. I can not open a new case because neither one of my Serial Numbers have licenses attached to them when they should. This was an RMA case that the old device was removed from assets so the new device can not have the licenses transferred. Please help.

Resolved! custom url category with non http and https port.

HI, I Have created custom URL category e.g category name (*.xyz.com) Now I want to create inbound rule like below. Source zone :- Internet Destination Zone :- LANDestination IP :- AnyPort :- 389 , 4172URL Categary :- 'Custome category'Security Profile : Any My doubt is will this work on port 389 and 4172 port or this will work only on http and ...

AnyDesk application is not recognised in Palo Alto version 10.2.17

Hello, team: The AnyDesk application is not recognised in Palo Alto version 10.2.17; it is classified as SSL and I cannot block it. Does anyone know if this is a problem with Palo Alto? I don't have any decryption policies, In my company, we can only block this through apps by policy. . Can anyone help me? Best regards

Alpalo by L4 Transporter
  • 1957 Views
  • 5 replies
  • 0 Likes

Palo Alto User Agent ID Services Failing intermittently

We have 2 User ID agents on 2 different windows servers. Both User-ID agents' services are getting hung up and requiring manual intervention of services being stopped and started after couple of days. The issue has progressively been getting worse as well. This is causing group mapping to intermittently fail. We have upgraded the gateways to the...

Resolved! Migrate model FW to virtualwith panorama for policies (recommended procedure)

Hi, We have to migrate a standalone PA-820 to a cluster VM500. The config will be the same except few interface changes. Only security policies are deployed from panorama (not template). So what is recommended way to do It? Which option is better:1) export existing device state fw to the VM FW?2) export/import just the running config. Do som...

BigPalo by L4 Transporter
  • 948 Views
  • 1 replies
  • 0 Likes

Resolved! Combining IP and URL EDL on Rules

Hello, We're adding the Microsoft 365 EDLs from here: EDL Hosting Service. The goal is to allow access to all M365 IPs and URLs outbound. What's best practice if I have two separate EDLs, one for IPs and one for URLs? I see that IP-based EDLs can be used in the Destination portion of the rule, and URLs appear to be only selectable in the ...

Resolved! Changes to sinkhole?

Starting early yesterday we began seeing a lot of activity from a subset of iPhones on our network getting mask.icloud.com caught by sinkhole.paloaltonetworks.comWe've been unable to find any commonalities between the devices. Wondering if anyone has been seeing anything similar or if this is a known issue?

M.Crow by L1 Bithead
  • 1299 Views
  • 1 replies
  • 0 Likes

Resolved! SCM Compatibility

Hello Everyone! I am looking for insight on the possibility of bringing PA-220s and PA-220Rs into SCM Pro for visibility and configuration. My research has led to conflicting results: Strata Cloud Manager Prerequisites indicates that the Advanced Routing Engine (ARE) is a requirement for onboarding a device into SCM. Advanced Routing sta...

nohash4u by L3 Networker
  • 2300 Views
  • 2 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks