This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4104 Views
  • 0 replies
  • 0 Likes

Pre-Site Survey

hello I am preparing to go to site for a PA 440 install Q has anyone used a pre site capture document that could be sent to the customer ahead of the install ? for example a best practice document to capture number of zones security features etc

Cortex XDR report template query.

We have created a report template in the Cortex XDR console for endpoint status. The creation was successful, but the generated report only displays the endpoint status in an Excel format. However, we would like to view the endpoint host list status in PDF format. Please advise on how to achieve the desired PDF format for the endpoint host list ...

Resolved! NetFlow not Working with Qradar

Hello ! Im having issue with my netflow configuration on the PA5260 in HA mode. I'm not receiving any log on my Qradar where as i have configure the netflow by following the https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClJzCAK The following Step have beeen done: 1. Netflow profil created 2. Profil applied on a su...

Nathus by L1 Bithead
  • 2036 Views
  • 1 replies
  • 0 Likes

Dual ISP - ECMP and/or PBF

So may be a 2-part question. First, we have 2 ISPs both equal bandwidth so I've setup ECMP using IP Modulo do i need to set up PBF, or is that if you don't have equal ISPs? 2nd and the real issue. One of my applications that is tided via public dns to my secondary isp can't be reached. I've set up NAT and Security policy to it (i think corre...

branedge by L2 Linker
  • 3188 Views
  • 3 replies
  • 0 Likes

Resolved! Netflow questions

Hello! When we apply a Netflow profile to an interface, does it capture the ingress, egress or both flows? If we apply the same profile to the Inside and the Outside interface, and we have a flow which passes both of them, will we send duplicated information about this flow to the remote Netflow Analyzer? Thank you!

How to Identify If there was an allowed traffic from external suspicious IP in Panorama.

Hello All, I'm a bit confused to understand the exact process. When monitoring the traffic from an external source ip (malicious one) and checking the logs in Pano see that session end reason was "tc-fin" and type was either "drop or end" with action being "allowed". Does this mean that , traffic has been blocked by the firewall or dropped by th...

Resolved! GRE Tunnel to Zscaler failover

Hello,I have two Destination IPs (one for each GRE Tunnel to Zscaler). How would I need to configure my palo alto firewall to allow GRE Tunnel Failover, so that traffic only flows through the primary tunnel and flows through the secondary tunnel when the first one fails?Thanks!

smshafek by L1 Bithead
  • 9274 Views
  • 5 replies
  • 1 Likes

How and when to use ARP-Loadsharing and Floating IP - Upstream/Uplinks

How and when to use ARP-Loadsharing and Floating IP - Upstream/Uplinks Hello Live comunity, how are you all doing. In the use cases you can see that the use of ARP Load-sharing or IP Floating, ARP is used thinking in the access to the Gateway vs IP Floating that is something more like fail-over more like an active/passive so to speak, than ARP L...

Metgatz by L4 Transporter
  • 2488 Views
  • 1 replies
  • 0 Likes

How to get PaloAlto to use Local CA certificate instead of self-signed certificate.

On my network, I have a Windows Server CA, a Windows 10 box, and I PaloAlto box. The PA is currently running Software version 10.1.7. I have created a PA.csr and sent it to my CA server, and received my PA.cer w/o a private key. I have uploaded the PA.cer and the CARoot.cer to my PA box. It seems like no matter what I do, or configure, I can...

shayes by L0 Member
  • 1953 Views
  • 2 replies
  • 0 Likes

Integration Issue - XSOAR Cortex and Splunk SIEM

Hello Community, I am facing an issue while trying to integrate XSOAR Cortex with Splunk SIEM. I have followed the necessary steps, including providing the IP address of the Splunk SIEM, my username, and password for the SIEM account. Additionally, I have left the port at the default value, which is 8089. However, when I click on the "Test" bu...

error message test integration.png

Exporting logs

Hi, I am trying to export filtered logs from the monitor->traffic tab, but I get nothing: When I click on the export button there is a little window "Exporting logs, please wait.." that is running about 10 or 20 min and some time it never end and some time is ended with the link to download the file, but the file is empty "Zero bit".. ?? PA-3...

belmar77 by L1 Bithead
  • 3738 Views
  • 4 replies
  • 0 Likes

Enabling IPS on PA-3220

Has anyone been successful with enabling the IPS feature on a 3220 ngfw? We have the appropriate advanced threat prevention license applied, but I am having difficulties getting it enabled and configured. Thanks in advance!

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks