This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Resolved! PA -5060 Version: 8.1.24 , All the interfaces flapped simlutanesouly

Hi Team, We have observed a situation where all the connected interfaces were flapped on the Firewall with the below logs, there is no much conclusive evidence in the tech-support logs, not sure if i am missing the log file which has the reason for this cause. LACP interface ethernet1/2 moved into AE-group ae3. LACP interface ethernet1/...

Resolved! Dumb question: Are there cases where a configuration change will take effect prior to committing?

I would like to reconfigure our PA-3260 FW to use its 40G interfaces instead of the 1G interfaces being used in production now. I plan to create one new aggregate ethernet interface made up of subinterfaces that correspond to each of the individual 1G AEs now in production. In the process, I will need to remove the IP addresses in each of those ...

rpastor by L0 Member
  • 3134 Views
  • 3 replies
  • 0 Likes

Resolved! Cortex XDR Firewall configuration query.

We have configured the Check Point firewall version (R81.10), but it is not supported for native log ingestion. However, we have checked the official Palo Alto documentation for this link: https://docs-cortex.paloaltonetworks.com/r/Cortex-XDR/Cortex-XDR-Pro-Administrator-Guide/Ingest-Logs.... -It states that log ingestion and data require a Co...

Resolved! Logging In PAN OS

Hi Team, >In general, the PA Firewalls are manged by Panorama will log directly to Panorama or do we need any configuration to be made to push the logs to Panorama? >What is the best way to configure logging for the firewalls managed via Panorama? For the firewalls in cluster as well the firewalls which are standalone? >Based on what i ...

Firmware download

I have device registred and lisenced also I can ping from the device updates.paloaltonetworks.com however I cannot run any: request support checkrequest license fetchrequest license inforequest content upgrade check Server error : Failed to check support info due to generic communication error. Please check network connectivity and try again.

Resolved! Issues with DHCPv6 Client with Prefix Delegation

Hi there, Playing around at home with DHCPv6 Client with Prefix Delegation. Been following this guide: https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/dhcpv6-client-with-prefix-delegation The configuration for the outside interface is working ok, and I get a prefix from my ISP. What fails is when I try to ...

erikda by L2 Linker
  • 2148 Views
  • 1 replies
  • 0 Likes

PAN OS enabling communication between overlapping subnets

Hello, I am thinking about analogy with Cisco firewall. Please how can I make two hosts with same address communicate with one another on one firewall? 1) Two Virtual routers leaking with NAT in place between Virtual Routers. Directly on one FW, not with some external device. So in terms of routing "Next VR". 2) Two Virtual systems with separa...

JLoukota by L1 Bithead
  • 1477 Views
  • 2 replies
  • 0 Likes

Resolved! Reports in Panorama

Hi Team, Can we check the internet usage and particular interface usage from Panorama? For the firewalls managed via Panorama? Or is there a way we can get it from the firewall itself? Or any other solution which helps to know this info? Regards, Sanjay S

Device Certificate Expired 'Invalid Request. Authentication Failed'

Hi Everybody, I have 4 firewalls grouped into 2 HA pairs. The first pair had certificates which expired on August 18 and have failed to be renewed. The last fetched message says "Failed to renew device certificate. Invalid request. Authentication failed". I tried going through the OTP process to redeploy the certificate but under Device > S...

DHCP issue

Hi Team, Customers have PA-220 running 10.0.0 and migrated to PA-1410 running 11.0.1-h2from PA-1410 - 11.0.1-h2 unable to get DHCP ip from the firewall for Android and iPhone devices. The same devices are getting IP from PA-220 running 10.0.0 versions. Following pan_dhcpd logs from PA-1410 DHCPD log ========== 2023-06-22 10:15:18.098 -0500 Er...

vij by L1 Bithead
  • 3878 Views
  • 3 replies
  • 0 Likes

Resolved! Accessing a website on the same public ip as the source

* new here so if posted incorrectly. don't kill me * Im trying to access mywebsite.com that is on a local IIS windows server. I can access it from Outside ( via Cell phone ) via a NAT Inbound Policy. I need to be able to go to mywebsite.com from a computer that is on the same vlan as the webserver. I have not found any documentation on ho...

onedelve by L0 Member
  • 2675 Views
  • 3 replies
  • 0 Likes

Fix weak cipher on Panorama itself

Hi, i am trying to find an article on how to fix a weak cipher suite on Panorama itself but to no avail. Does anyone have any idea and is there is KB out there who can assist with this? Panorama

Resolved! SSL forward proxy with real certificate

I have gone through some topics related to SSL decryption with forward proxy. Here is something that I need to learn how to resolve. We need to decrypt everything for PC/laptop/mobile. With wireless, if we have 1 SSID, then the laptop & phone can be used then we can assign our generated root cert from Windows Server to the laptop & PC ...

Firewall Down Can't Override Panorama Managed Policies/Settings

Last week we lost one of our sites Acitve/Passive firewalls. An event appeared to happen, that caused the firewalls to try a failover. However the failover failed, and the firewalls were in a "hung" state. When I had smart hands plug into the MGT port, I was able to get into the GUI. The ports all showed "down"(or gray). Previous admins set...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks