This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4436 Views
  • 0 replies
  • 0 Likes

Custom Dashboard

I need to create a custom dashboard of vulnerabilities, which unites more than one database and allows me to filter by Endpoint Groups, Dates and Severity. I am not able to add settings and parameters or edit already configured dashboards.

Girotto by L0 Member
  • 1455 Views
  • 2 replies
  • 0 Likes

Static route to IPSec peers with dynamic IPs

Hello Community! We have 2 external interfaces, eth_1 holding the default 0.0.0.0/0 route and eth_2 We would like to use external interface n2 to build IPSec tunnels whose peers have dynamic public IP. Is there a way to route the traffic to these dynamic peers over eth_2 without having to use default route over eth_1? Thank you!

Carracido by L4 Transporter
  • 1266 Views
  • 1 replies
  • 0 Likes

PAN OS Upgrade with USB Drive

Hi I am new on Paloalto and want to upgrade PAN OS. Like Cisco or Juniper, we can downloa New OS into USB drive then we can simply upgrade from USB. I have searched PAN OS upgrade using USB but seems I can't find the proper guide. Can someone advise if there is any doc?PS: My PAN FW is not connected to internet so i can't download directly from...

Resolved! Firmware update from USB

Hello All,I am new to paloalto firewalls (student in training), I have a PA-500 device and I am trying to update the firmware from 6.0.2 to 6.1.0 from USB. I have tried the following below and still having issues. 1. Directly download into the firewall2. Download firmware from laptop/desktop I was wondering though seeing that there is a USB port...

lzabler by L1 Bithead
  • 12196 Views
  • 7 replies
  • 0 Likes

3020 9.1.13 frequent high packet loss with Zoom

Many of us are back on site now and we are seeing seemingly random, unexplainable packet loss for those in Zoom meetings. Looking for suggestions on things we can try to reduce this issue. I suspect that large downloads are saturating our firewall and causing packet loss of zoom after. We have 1gbps up and down fiber internet, with very low late...

About Category

Hello I have a palo alto firewall at my work and i manage to block all sites and allow some , but some of allowed sites in the blocked category that came from palo alto .. my question is there any way to edit there pre installed category to remove some site from it ? Thank you

syslog send rate

Working with two PA-5260 to forward syslog to a remote servers on different networks. Set with default max logging rate is 50k. For PA-A log-receiver stats show log incoming and written rates around 2k and under External Forwarding stats the syslog send rate(last 1 min) is 100. For PA-B log-receiver stats show log incoming and written rates ...

ACW606 by L0 Member
  • 2195 Views
  • 2 replies
  • 0 Likes

Palo Alto 440 not booting. PWR led is Amber.

After making some modifications in the DHCP and doing a commit the FW got stuck, I tried to do a hard reboot without success, also when starting by console cable does not allow me to log in. The led of power sources 1 and 2 are green when connected and turned on, but the PWR led on the front panel appears amber, as if it was doing a reboot all t...

EDL access using sharepoint as source

Hello guys, I'm having a problem when using our SharePoint (https) as a source URL of my EDL. I cannot access it even if I tried adding a certificate profile and client authentication. But when using another source URL, I can manage to access the same EDL.I did follow this video tutorial from youtube: https://www.youtube.com/watch?v=Vpy677VOV20S...

RVizcarra by L4 Transporter
  • 4706 Views
  • 4 replies
  • 0 Likes

Resolved! EDL - How to find out if its updated automatically

Hi, We are using predefined EDL Palo Alto Networks - Known malicious IP address in deny rules . I would like to know how we can check if this EDL is updated and when was the last time it was updated successfully etc. Thanks.

Ismailsh by L1 Bithead
  • 6168 Views
  • 1 replies
  • 0 Likes

split tunnel issue

These two snapshots are from two different VMs, which have installed GlobalProtect VPN. However, I saw different log messages printed out (check the marked part). I am just wondering why bindEntry is different on them? Thanks

xingyun_0-1693228603537.png
xingyun_1-1693228649083.png
xingyun by L0 Member
  • 1274 Views
  • 2 replies
  • 0 Likes

OSPF stuck in EX-START after PAN-OS upgrade

We ran into a situation where the OSPF was stuck into EX-START after upgrading the PAN_OS software from 9.1.10 to 9.1.16 (Preferred release). We have a deny-all rule above the Intrazone-default allow, but it was working fine previously. We checked that MTU was not an issue. We understand from this article - OSPF Neighborship Stuck in Extstart St...

Resolved! Threat Intelligence shows malicious traffic coming from Palo Alto subnets

Hello All, Recently, we started seeing threat events from different Palo Alto IPs (example subnet 198.235.x.x). When we check them in AbuseIPDB, they show up as 100% malicious: https://www.abuseipdb.com/check/198.235.24.146 Microsoft TI also categorizes them as malicious, but not the PA FWs. Does anyone know what these subnets are used for or ...

Non-RFC Compliant DNS Traffic on Port 53/5353

HI, Continuously receiving vulnerability threat events (Non-RFC Compliant DNS Traffic on Port 53/5353(56538)) form the same source IP towards our PA public IP addresses. The source is also clean and belongs to Vodafone ISP. I could not find any other trace to resolve the issue. Please assist how I can proceed to resolve it. What action I ...

  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks