General Topics

Ensuring a Safe and Secure Community: How You Can Help

Dear LIVEcommunity Members,

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

How to assign multiple vlans to aggregate ports

Hi,

I have two inside aggregate ports eth1/3 and eth1/4. These will be uplinking to Cisco Nexus core switches.

How can I tag multiple vlans within these ports and what interface type should the ae1 be?

Thanks

PA 3260 and using non dedicated as HA1 interface

We have 2 PA 3260 across Data Centres.

We tried to use Eth1/13 as HA1 port but under ha1 interfaces it does not show option to choose eth1/13.

IS this by design that HA1 interface to be dedicated?

for now we used management as ha1 interface.

is this

...

add a second portal address to GlobalProtect (v5.2.12-26) on Mac

is there another way to add a second portal address to GlobalProtect (v5.2.12-26) on Mac, as I do not want to use a plist to add a second portal address to GlobalProtect.I want to be able to add the portal address via GlobalProtect?

security policies associated with dynamic address groups:

To configure security policies associated with dynamic address groups:

Select Palo Alto Networks > Policies > Security.

Click Add to create a new security policy rule.

3.In the User tab, enable known-user.

Configure the other options to meet your s

...

Resolved! Using Salt Proxy to edit password in config on Palo Alto firewall PA-220

Hi, I am trying to use Salt to automate a config upload process. The problem is that the salt module for palo alto, called panos, needs access to the firewall on tcp443. "The panos proxy leverages the XML API functionality on the Palo Alto firewall.

...

Register DNS between GP and Internal Network

Hello team,

The problem we are observing is that when devices switch from a corporate internal network to Global Protect and vice versa they do not update their reverse DNS record with the new IP received; it is clear that it is a problem between t

...

Resolved! Networking or Dataplane apparent reload (5200 w/10.1)

I'm experiencing issues of what seems to be a "sudden restart" of all OSPF/OSPFv3 neighborship on a PA-5220/PanOS 10.1.6 firewall. I'm trying to pinpoint the root problem on my own, since our support contact (a partner, not PA's support) is taking th

...

Resolved! PA 220 initial setup

Hello,

I am trying to setup a PA 220 from home. I have a BT connection but am using a TP link archer wifi hub

I followed the instructions but didnt get a connection

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFkCA

...

Resolved! QOS Config

Hi,

I want to define separate profiles for upload and download for sub-interface, I couldn't succeed, can you help with the issue?

(ip subnets and zone is correct)

if the TEST_DOWLOAND RULE is top it working for dowloand qos but not working U

...

Resolved! PanOS 10.1 Clustering

Hello,

I am used to configuring clusters on PanOs 8.x and 9.x.
I am now configuring a new infrastructure based on PanOs 10.1.8.

I have seen new options in "High Availability".
1) Under "General" tab what is "Clustering settings" for?
2) what is "Cluste

...

Threat Prevention Inline Cloud Analysis - Allow on Max Latency

With the new feature - Advanced Threat Prevention in PAN-OS 10.2

There are Inline Cloud Analysis in PAN-OS 10.2

I found a new setup - Threat Prevention Inline Cloud Analysis under Device > Setup > Content-ID

I would like to know what is the different

...

Resolved! Not able to see the interface IP addresses using SNMP.

Hi All,

I executed the command in SNMP to get MIB, but it is showing only interfaces not showing related IP addresses. what might be the problem ? Kindly help me.

Regards,

Gururaj.

Resolved! LDAP Members in group Issue

Issues with Members in a group and a security policy

- pa 850/9.15 os level

- I use ldap to sync with AD , I merged the groups I need in the include group option

- I see all the groups in cli by using show groups

- I can also list members in the grou

...

Resolved! Some emails not working on iPhone behind PA

I have a weird problem. I installed a VM100 connected via PPPoE to the ISP, standard NAT, DHCP configured on the LAN side.

Issue: unable to receive/send emails from iPhone from SOME providers using inherid IOS app:

Corporate email: working via IOS ema

...

What is PA equvalent to show Xlate to view NAT translations

Discussions