This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Migrate to PA firewall cause WIFI roaming issue

Hi Support,We just recently migrate the PA Firewall from cisco firewall. PA Firewall will act as gateway and provide DHCP.however we counter issue with roaming WIFI where client connected to AP A and change location to AP B without disconnect causing loss internet connection. We don't see any drop at all in firewall logs. so we not sure how to t...

Restricted tcp flow throughput in a VPN tunnel

Hello all, On my firewall I have a VPN tunnel dedicated to VEEAM backup copy to a remote site. I have a throughput problem which is only present with TCP flows. I don't have any QOS set on the interface of this tunnel. The flow rule is standard just to make allow. The MTU is 1438 and the adjust tcp mss option is set to 40 for IPv4. With UDP flow...

Laptop with CortexXDR installed from a bankrupt company

Hi, I've got a laptop from a previous employer who is in final stages of bankruptcy. I'm blocked from internet access once I was layed off based on policies in Cortex, I was curious at some point once the company is completely dissolved would the policies no longer be enforced. The reason I ask is when I go into the Cortex console it shows t...

ArtWhite by L0 Member
  • 1479 Views
  • 2 replies
  • 0 Likes

gp_ddns_support.log

Hello - Does anyone know what is meant by, "Interval condition not met !" > tail follow yes plugins-log gp_ddns_support.logThu Sep 21 13:26:23 2023 DDNS enabled, checking when the job was last run...Thu Sep 21 13:26:23 2023 Interval condition not met !Thu Sep 21 13:31:23 2023 DDNS enabled, checking when the job was last run...Thu Sep 21 13:...

HA Configuration on PA-3220 - HA1 is UP but HA1 Backup is Down

I have both PA-3220 HA1-A and HA1-B links connected back to back to each other with a previously verified cable but only HA1 is coming up greeen while HA1 Backup is showing down. The HA1-B interface LEDs on both PA-3220 show green. Any feedback or suggestion is greatly appreciated. PassiveHA Setup BHA Setup AActive

pic1.JPG
pic4.JPG
pic3.JPG
pic2.JPG
aarato by L1 Bithead
  • 34840 Views
  • 21 replies
  • 0 Likes

Resolved! how can i create a PBF rule to send traffic to a http/https proxy?

when i'm trying to set up the rule, where the next hop is the IP of the proxy - i get an error that this IP "does not match subnets defined on the PBF interface" - which is correct, it's on different subnet. What are my options? Do i have to have the proxy on the same subnet as the interface?

Resolved! Confused about QoS on Palo, need some assistance.

My understanding is that QoS only really applies to egress. The issue I faced this week was with Apple updates killing the ingress and impacting sip trunks. Egress didn't appear to be an issue. Now with that said, would applying QoS within our Palos help in any way when it comes to the sip trunks if the issue is with ingress being saturated? ...

Resolved! HTTPS Traffic Not Returning Via IPSec Tunnels

I have a customer who is using PAN appliances and we have a valid IPSec tunnel to a cloud provider. Traffic is fine for SSH and ICMP traffic in both directions. However, when we send HTTPS traffic across the tunnel the firewall logs suggest no bytes received and nothing past the SYN going out (we see no ACK etc.). From the client perspective it ...

Panorama Push Error

Hi Guys, We are trying to push configuration from Panorama HW to AWS Firewall but getting below error upon following the devsrv we see below: I am wondering what is "Unable to execute eproxy script. Error (512) " and how to go on resolving as it is not throwing any specific error msg to relate to an issue. Many Thanks, @BPry @kiwi

Pras_1-1695279652977.png
Pras_2-1695279721946.png
Pras by L4 Transporter
  • 3391 Views
  • 5 replies
  • 0 Likes

SSL inbound inspection certificate issue

I am trying to configure SSL inbound inspection for one of the application in our environment. I am not sure if the certificates that are being provided are correct and need some guidance for the same. Steps done: > Server team generated CSR in pkcs12 format and sent the same to our companies internal CA for signing. > Certs provided ...

Sukhmeet by L1 Bithead
  • 1318 Views
  • 1 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks