This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4107 Views
  • 0 replies
  • 0 Likes

Icon Legend

Hello - Is there an icon legend for Palo Alto. Meaning, the icon difference between like a single user and a group. Make sense?

Resolved! Is PA 10.0.4 version CLI commands significantly updated?

I'm using 10.0.4 for my eve-ng labs. I'm using chatgpt and google to look up CLI commands. I'm concerned with writing some Python scripts, so when I really focus on PanOS I will be buying textbooks and going to the admin guide and going for a PCSNE. For now I want to script. The suggestions by google and chatgpt for CLI commands seem to vary a...

hfakoor2 by L2 Linker
  • 1823 Views
  • 1 replies
  • 0 Likes

mDNS (Apple Bounjour) between two VLANs through a PA

Hi, this is the scenario: - a PA with two physical L3 interfaces (1 zone per interface, 1 subnet per interface, we call them A and B).- I have a device in Subnet A which is an Airport thing with a printer attached. Devices in Subnet A they can discover the printer via the Apple Bonjour service- Devices in Subnet B cannot discover the printer in ...

myrdin by L2 Linker
  • 28628 Views
  • 22 replies
  • 0 Likes

Resolved! Problem with connectivity to my lab network

So I'm running some PA's inside a Eve-NG lab environment. Everything has connection to everything, including to my local PC with one caveat. When I ping out the PaloAlto firewall to an address I need to specify a source interface or it deems host Unreachable. I believe this is causing my PC to not be able to ping the PaloAlto interfaces either ...

hfakoor2 by L2 Linker
  • 5073 Views
  • 5 replies
  • 0 Likes

Cannot install Applications and Threats : No matching contents package found in panupv2-all-apps

Hi thereI'm new here, just got our first pair or NGFW's. I'm trying to update to the latest PANOS which requires and install of Applications and Threats.How ever when i try to install it i get: Failed to update content with following message: encfilesize is 70541232 No matching contents package found in panupv2-all-apps-8743-8224.eap.tgz exitin...

Reporting URLs and Bytes together?

We are trying to produce a report which summarizes the URLs visited by a specific user along with the total bytes downloaded from each URL.It seems that the bytes are available in the Traffic log, but not the URLs; conversely, the URLs are in the URL log, but not the bytes.Is there some way or producing reports which correlate the various logs?T...

KGC by L3 Networker
  • 5240 Views
  • 5 replies
  • 0 Likes

Resolved! Traffic Loc Collection API

I am calling for traffic logs but only getting the first 20 lines by default as expected but when I add nlogs=1000 it makes no difference. has anybody else come across this?? Edited... OK it seems that the nlogs only works to generate the job and ID. does anybody know how to retrieve logs more than 20 at a time. I have a workaround by lo...

Mick_Ball by L7 Applicator
  • 1470 Views
  • 2 replies
  • 0 Likes

Global Protect Not able to access external application

Hi, I have a web application hosted by OCI, from on Prem I and my users can access the application without any problems. However when connecting to our PA setup through global protect we cant access the application. We have a very similar setup for some AWS hosted web applications and these work without any issues. Any ideas as I am stumpe...

paul-b by L0 Member
  • 4436 Views
  • 3 replies
  • 0 Likes

Web Auth FW with HA

Hello, I am configuring Webauth with certificate on my FW cluster and currently the access to the active FW is correct. I have created CA and client certificate correctly, the problem I am facing to access the passive node, is it necessary to create another CA also for the Passive FW? Is there any way to have a single CA for the cluster? Can any...

Alpalo by L4 Transporter
  • 1517 Views
  • 3 replies
  • 0 Likes

Resolved! Clarification which update to use for CVE-2023-38802 (VM-100)

Hi everyone. Just wondering on which update to apply for CVE-2023-38802 on a VM-100. The Palo CVE report CVE-2023-38802 PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software (paloaltonetworks.com) says any version under 10.2.6 is affected. However, the Recommended OS version page Support PAN-OS Software Release Guidance | Palo Alt...

Resolved! Migrating PA-5050 to PA-5410

Hello all, Is it possible to migrate from PA-5050 to PA-5410? I've been finding threads regarding migrating to PA-5220 only, but nothing on migrating to PA-5410. We've updated the PA-5050 to the final version available 8.1.25, but when we move to the PA-5410 the lowest version possible for it is 10.2. Will the giant gap between 8.1.25 and 10....

How to configure ipsec vpn

How to configure ipsec vpn between palo atto and fortigate firewall . VPN flow is following Remote Lan (191.168.1.0/24) >>>> Fortigate (192.168.10.2 private ip)>>>>>Cisco router(203.1.1.2/29)>>>>>PaloAlto(202.1.1.10/30-public ip)----Local lan fortigate firewall is the behind the NATed device that is cis...

Chignon by L0 Member
  • 2422 Views
  • 2 replies
  • 0 Likes

Resolved! Adding management interface to OSPF via CLI

I'm doing a lab and I need to SSH to the firewalls to run some python scripts, Is there a way to set OSPF to management interacee via set commands, with a management interface of 10.1.1.75? I got the virtual-router default into OSPF, but I can't ping to my local PC. I cannot ping to other devices in the lab, unless I source it from a virtual...

hfakoor2 by L2 Linker
  • 2145 Views
  • 3 replies
  • 0 Likes

Resolved! Generate cookie vs Accept cookie

Hi Team, Can anyone explain what Generate cookie and Accept cookie actually do? I always find myself messing with the cookie settings when enabling DUO/Azure SAML MFA but confused as to what the difference is and what they do.

Schneur_Feldman_0-1680710262228.png

Problem when SSH into a firewall

I can SSH from firewall to firewall, but when i try to SSH from a C brand router to the paloalto firewall I receive this error message: *Sep 27 21:16:32.190: %SSH-3-NO_MATCH: No matching cipher found: client aes128-cbc server chacha20-poly1305@openss h.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com Whe...

hfakoor2 by L2 Linker
  • 1896 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks