This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

Resolved! How to escape a line feed in login banner via CLI?

What is the escape character/ sequence for LF or CR/LF in cli mode?Via web interface it is possible to create a multiline login banner with line breaks that looks like the example below.line 1 testline 2 loginline 3 bannerThis shows up tidy during login via cli and webinterface$ ssh -l admin 192.168.1.1line 1 testline 2 loginline 3 bannerPasswor...

panwmod by L0 Member
  • 10536 Views
  • 8 replies
  • 0 Likes

Resolved! New user creation error

Hey everyone, wanted to ask for some help, I created a new user with wrong email for SSO, is there a way to eliminate this user it is not showing under manage users so I was wondering where I can edit that. Thanks

arces01 by L0 Member
  • 2497 Views
  • 3 replies
  • 0 Likes

Issue with routing possibly?

Needing a little help. I have a PA 5220 within a secure enclave (so no connection to the internet). I can ping a gateway in another enclave without any issue but when I ping the network beyond that gateway I get no reply. My GW external interface and their GW external interface are on the same subnet and their internal network and my internal ne...

NFS sessions undecided after fail-over

Situation:NFS Client src:828 dst: 2049 --> PAN 7050 HA Cluster --> NFS Server (NFS Session is up and connected without issue) Palo alto cluster fail-over occurs (upgrade/issue - doesn't matter) NFS Client src:828 dst:2049 -->PAN (Session is marked as "undecided" and dropping the syn packets)The timer continues to reset on the session on...

Failed to delete certificate - Invalid Location / Permission Denied

Hardware: PA220 Version: 10.1.5-h1 I'm trying to use a certificate that appears to be having issues. I first noticed the issue when I attempted to create a certificate profile using a trust root CA. When I try to create the profile, it fails to create and has error message "CA -> *CA NAME* is invalid -> CA is invalid". I then went to e...

Resolved! Adding IP's on Policies on panorama

Hi All, Needing your suggestions i'm adding a list of ip addresses on policy that I created on branch and when I push it I got an error on NAT ISP 1, NAT is not a problem I knw because everything is working correctly. I notice that this has been added on dublin site so what I mean is there is a policy on dublin site then there is policy on bra...

weezy by L3 Networker
  • 1926 Views
  • 2 replies
  • 0 Likes

Layer 3 sub interfaces on Hyper-V

Hi all, I am trying to get Palo Alto VM series (10.2.3) to work with layer 3 sub interfaces on Hyper-V (2022).I configured interface/subinterface from the documentation (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRkCAK)I also tried it with removing the ip.adr 192.168.4.252/24I also tried setting the vSwitch to tr...

pa_subinterface.png

Resolved! Implementing Applications Over Services

We recently completed a migration and I am in clean up mode. I would like to utilize applications but we do some no decryptions exceptions rules that bypass decryption. I am concerned that without decrypting, the rule will break and traffic won't flow. What is a safe way to begin transitioning from services to applications?

Access PA-440 MGMT Interface via Cisco Switch

Hi Guys, I am working with below scenario and would like some help. As shown in diagram: A cisco switch IE3400 is connected with PA-440 with trunk connection and also one of the interface of switch is connected to MGMT port of PA-440. There are multiple VLANs in the network but I showed only the relevant in this case. Cisco Switch has Vlan 10...

Janmejay_Dave_1-1687412475430.png

Ensuring Accuracy: Introducing the Audit Date Stamp on LIVEcommunity

LIVEcommunity recently introduced a new feature to help you know when content has been reviewed for accuracy: the Audit Date Stamp. With this latest enhancement, you can now easily identify when an article has been audited, confirming that the information is current, screenshots are up-to-date, and any solutions or use cases function as expec...

JayGolf_0-1686676207668.jpeg
JayGolf by Community Team Member
  • 1741 Views
  • 1 replies
  • 1 Likes

Resolved! Packet drop in the Firewall

Recently, we did a Migration activity, From the Juniper SRX to Palo Alto. After successful Migration, we can notice that one drop over the PA firewall.We did troubleshooting from our end and in the global counter can see below error with drops flow_fpga_ingress_exception_err 1865 19 drop flow offload Packets dropped: receive ingres...

Traffic redirects to captive portal

We currently have a policy in place that allows all HTTP and HTTPS traffic from a test server (Trust) with a static IP address to reach untrusted networks. However, when accessing the server from a browser, it automatically redirects to a captive portal and blocks internet access for server applications. The internet was functioning properly on ...

Bijesh by L1 Bithead
  • 2110 Views
  • 1 replies
  • 0 Likes

URL Profile Known Bad Categories

What are the known bad url categories that palo checks is blocked? We currently block all the categories in this document but AI-Ops still flags it. Is there a way to see specifically what its failing? Malicious URL Categories (paloaltonetworks.com)

Claw4609_0-1687291149037.png
Claw4609 by L5 Sessionator
  • 2443 Views
  • 3 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks