General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Warning: No Valid DNS Security License

Hi Team, I am using PA-3220 . We have only Thread Prevention & Wildfire License. Before Anti-Spyware -DNS Signature was using DNS-Snikhole. Now we change to block we start getting Warning No Vaild DNS Security License . Do we had to buy a license as it is working?

NavidAlam by L3 Networker
  • 33344 Views
  • 6 replies
  • 1 Likes

Resolved! PaloAlto Wont Login after turning off and on again in EVE-NG environment

Hi, Creating a lab to write some python scripts. I set a new username/pass under superuser, and updated amin/Admin123 all under CLI, committed, and set device ip/mask without a default gateway. Turned the machine off. Turned it back on. None of my usernam/pass works, just gives me "Login incorrect" while attempting to login via the CLI....

hfakoor2 by L2 Linker
  • 4104 Views
  • 2 replies
  • 0 Likes

Downloading software upgrade on very slow link

I have some pa-220's located at remote places connected to slow uplinks. When trying to download upgrade base image 10.0.0 and its latest minor, the connection terminates by tcp-rst-from-client after 1800 seconds. Then the pa-220 starts downloading again, but only to be terminated after 1800 seconds again. show jobs all - shows this fail after 1...

Anbjorn by L1 Bithead
  • 2401 Views
  • 2 replies
  • 0 Likes

Migrate to PA firewall cause WIFI roaming issue

Hi Support,We just recently migrate the PA Firewall from cisco firewall. PA Firewall will act as gateway and provide DHCP.however we counter issue with roaming WIFI where client connected to AP A and change location to AP B without disconnect causing loss internet connection. We don't see any drop at all in firewall logs. so we not sure how to t...

Restricted tcp flow throughput in a VPN tunnel

Hello all, On my firewall I have a VPN tunnel dedicated to VEEAM backup copy to a remote site. I have a throughput problem which is only present with TCP flows. I don't have any QOS set on the interface of this tunnel. The flow rule is standard just to make allow. The MTU is 1438 and the adjust tcp mss option is set to 40 for IPv4. With UDP flow...

Laptop with CortexXDR installed from a bankrupt company

Hi, I've got a laptop from a previous employer who is in final stages of bankruptcy. I'm blocked from internet access once I was layed off based on policies in Cortex, I was curious at some point once the company is completely dissolved would the policies no longer be enforced. The reason I ask is when I go into the Cortex console it shows t...

ArtWhite by L0 Member
  • 1602 Views
  • 2 replies
  • 0 Likes

gp_ddns_support.log

Hello - Does anyone know what is meant by, "Interval condition not met !" > tail follow yes plugins-log gp_ddns_support.logThu Sep 21 13:26:23 2023 DDNS enabled, checking when the job was last run...Thu Sep 21 13:26:23 2023 Interval condition not met !Thu Sep 21 13:31:23 2023 DDNS enabled, checking when the job was last run...Thu Sep 21 13:...

HA Configuration on PA-3220 - HA1 is UP but HA1 Backup is Down

I have both PA-3220 HA1-A and HA1-B links connected back to back to each other with a previously verified cable but only HA1 is coming up greeen while HA1 Backup is showing down. The HA1-B interface LEDs on both PA-3220 show green. Any feedback or suggestion is greatly appreciated. PassiveHA Setup BHA Setup AActive

pic1.JPG
pic4.JPG
pic3.JPG
pic2.JPG
aarato by L1 Bithead
  • 35771 Views
  • 21 replies
  • 0 Likes

Resolved! how can i create a PBF rule to send traffic to a http/https proxy?

when i'm trying to set up the rule, where the next hop is the IP of the proxy - i get an error that this IP "does not match subnets defined on the PBF interface" - which is correct, it's on different subnet. What are my options? Do i have to have the proxy on the same subnet as the interface?

Resolved! Confused about QoS on Palo, need some assistance.

My understanding is that QoS only really applies to egress. The issue I faced this week was with Apple updates killing the ingress and impacting sip trunks. Egress didn't appear to be an issue. Now with that said, would applying QoS within our Palos help in any way when it comes to the sip trunks if the issue is with ingress being saturated? ...

  • 24397 Posts
  • 123 Subscriptions
Top Solution Authors
Labels