General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 85 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3328 Views
  • 2 replies
  • 14 Likes

External DNS resolution for specific domains

Hello, 

 

I am trying to look for a solution to an issue we have whereas we don't want to add routes from Azure (via ExpressRoute) to an on premise for public IP's for which Azure devices need to connect to via a Palo Alto firewall and across a VPN to

...

StuartS by L1 Bithead
  • 1526 Views
  • 1 replies
  • 0 Likes

Remove Multiple Saved Config files from CLI?

I recenlty received an alert for /opt/pancfg at 80% full.  It looks like there must be a bug in a PAN-OS version that seemed to be saving off configs every hour, with a random naming convention of "5rkswfabcbep_5syszjl7hw0j.txt" There are hundreds of

...

Global protect enforcer and public wifi captive portal

Dear community,

 

We have deployed Prisma access Global protect [agent 5.2.9], enabling network enforcer and captive portal detection [ 10 min timer and captive portal message].

We are experiencing mixed results with users getting an error web page when

...

Allowing PIA VPN in home network

Hi all,

Quite new to managing NGFW, please be patient.

I have PA-820 looking after my home network, no domain, few computers, using it to learn more than anything else, but since I have it want to use it fully.

I want my Private Internet Access VPN to a

...

trybar by L1 Bithead
  • 2094 Views
  • 2 replies
  • 0 Likes

Palo Alto Firewall VM

I have installed a Palo Alto Firewall VM trial version. Now whenever I have tired to login / after successful login it is suddenly going to runlevel 0 and shutting down.

PAN-PA-5220 Purchase

Dear All,

 

I am planning to purchase PA firewall 5220 for our Datacentre. and came across below model

I am not mistaken then I need to purchase PAN-PA-5220-DC i(f DC power supply) and PAN-PA-5220-AC ( If AC power supply)

 

However I am clueless for what

...

IPSec Tunnel fails after 1 packet

Hi Guys,

 

We have a number of Palo Alto firewalls at our satellite sites configured in a Mesh VPN.

 

Site A, Site B, and Site C (Internal) all work successfully.

Site C DMZ can establish a tunnel to all the other sites, however as soon as the VPN is used

...

Basic Setup.png

Log Forwarding - multiple instances of same catgory?

In Log Forwarding Profile I have URL Filtering/All Logs going to a log collection server. 
But for URLs of a phishing category I want those to be emailed. I tried to do this by 

creating a second profile match list profile URL Filtering/phishing. But

...

Admin credentials were not changing

Hi
We have 2 PA-850
They are working in HA mode

When i got the handover they gave the admin credentials

The secondary was always active
When i tried to login to the passive one the admin password did't work

At the end i logged in with the initial password

...

Questions) Missing Panorama Log

When creating the Security Policy Rule, 'Log at Session Start/End' was all selected as Actions.

After this, when I check the log in Panorama, only the End Log is visible and the Start Log is not visible.
Also, sometimes this logs are not visible.

 

I

...

Policy Actions.png
future by L1 Bithead
  • 1775 Views
  • 3 replies
  • 0 Likes

SAML Jumpcloud HA Implementation

Hi,

 

i follow the docs here LIVEcommunity - PAN-OS SAML SSO with JumpCloud and Mobile Push MFA - LIVEcommunity - 493684 (paloaltonetworks.com)

it works well with one firewall. When it used to HA active Passive Environtment, it wont work on the passive,

...

URL Filtering Wildard - ? in URL

I have inbound decryption set up for a server and we want to restrict what URLs users can get to.  The website admin tells me that ALL links to the site will contain something similar to the following:

 

https://my.web.server/xxx/yyy/zzz/TEXT_SOMETHING

...

RCurrie by L0 Member
  • 1594 Views
  • 2 replies
  • 0 Likes

Session end reason=resources-unavailable, version 8.1.15.h3

In the traffic log we have found some entries with a session end reason=resources-unavailable, version 8.1.15.h3, however PAN-189468 is not affecting our version only affects version: 

 

9.1.0-9.1.13
10.0-10.0.10
10.1.0-10.1.4

 

adm_(active)> debug datapla

...

Alpalo by L4 Transporter
  • 1738 Views
  • 1 replies
  • 0 Likes
  • 24125 Posts
  • 100 Subscriptions
Top Solution Authors
Labels