This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! Best practice for Active/Passive HA and OSPF

I configured Active/Passive HA in an environment where the firewalls connect to a core switch. There is an OSPF adjacency exists between the active Palo and the core switch. I'm curious what the best practice is for OSPF and HA. When tweaking the OSPF settings on the Palo, disabling OSPF graceful reset/strict LSA checking led to a vastly quicker...

inssider by L1 Bithead
  • 10555 Views
  • 2 replies
  • 0 Likes

Inquiries about PBF nexthop settings when the ISP is a DHCP Client

1. Issue: PBF does not operate normally when the public IP received from the line is a dynamic IP 2. Measures- If the circuit IP is a static IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting- If the line IP is a dynamic IP, check the normal operation by inserting the gateway into the PBF – Nexthop setting At...

HilineISP_Tech_1-1685668963739.png

Understanding URL Filtering security profiles vs Rule Action

Hi!I have a pretty basic question that I couldn't find the answer to - am hoping that someone could help me understand this. Let's say I have a security rule: Rule 1: src=192.168.1.0/24, Dst=192.168.2.0/24, Svc=Any, Action=Allow, Security Profile=Antivirus, URL Filter (which blocks Gambling sites)Rule 2: src=192.168.1.100, Dst=192.168.2.100, S...

Resolved! IKEv2 tunnel does not restore after HA failover

I have an IKEv2 IPSec tunnel that does not automatically restore after an HA failover. Once the IKE-SA and IPSec-SA is manually cleared, the tunnel eventually restores. I have other IKEv2 tunnels that restore after several minutes with no intervention. The VPN is configured to a GRE router so the only application I'm seeing on the session is "...

Cortex XDR: How to block execution of some unwanted apps

Hello All, We have observed some unwanted applications( Any desk, WhatsApp) used by end users in customer environment. Is there any way apart from blocking the hash present in cortex console which will block the execution of such files. Thanks in advance. Regards, Sakshi Seth

When logging into the community can I turn off the email a code?

Whenever I want to log into the palo alto networks community, it asks to email a code to my email address. Sometimes I think it already did but nothing came, but in reality I never clicked the button to send the email. Is there a way to turn that off, or maybe do a push notification to Duo instead? This is why I use the r/paloaltonetworks subr...

ksauer507 by L3 Networker
  • 1247 Views
  • 1 replies
  • 0 Likes

Day 1 Configuration of PAN-410 model firewall

I created day 1 config file for my PA-410 model firewall and loaded the configuration. But while commiting Got below error: "email-scheduler -> Possible Compromise -> report-group 'Possible Compromise' is not a valid referenceemail-scheduler -> Possible Compromise -> report-group is invalid " When I double checked the file I downlo...

Sujanya by L3 Networker
  • 3898 Views
  • 5 replies
  • 0 Likes

Resolved! Qualys scanner blocked

Hi, We recently deployed Palo Alto and I notice that its blocking qualys scan on my internal network for the traffic passing through the Palo Alto vwire. How can allow all qualys traffic to pass through the Palo Alto?

ismailsh by L1 Bithead
  • 2729 Views
  • 1 replies
  • 0 Likes

Resolved! GlobalProtect Machine account exists with device serial number config

Dear Team, I'm trying to set up GlobalProtect's 'Serial Number Check' feature, but I'm having a hard time. GlobalProtect is already being used in conjunction with LDAP. So, when I do not use the function, I log in normally. I want to control by matching the serial number to the LDAP user. Is it correct that the serial number mentioned ...

CHOEKyungJun_0-1685060942772.png
CHOEKyungJun_1-1685060964833.png
CHOEKyungJun_2-1685060974068.png

Strange behaviour via Palo Alto Firewall.

Could someone explain why this site would fail via our firewalls, it works fine local and split tunnel. I would imagine it's to do with encryption levels as wireshark shows a few cypher spec changes during the handshake.. FYI.... SSL Proxy / decryption is switched off for this site and aplication is set to any and is classified as education/low ...

Mick_Ball by L7 Applicator
  • 3373 Views
  • 6 replies
  • 0 Likes

palo alto block page not showing

Running panos 10.1.8 on vm-300. a blocked https page gives user -This site cannot be reached rather than palo block page notification. Is this because ssl decrytpion is not enabled and is required to get block page notification for https url which are supposed to be blocked via url filtering.

PA440 not shuting down instead getting rebooted after sometime .

Hello I am trying to shutdown the device using CLI and GUI but it is getting reboot after some time . Click on Device tab > Setup link > Operations tab. Click on shutdown device under device operation shutdown command (request shutdown system) in the CLI. PAN-OS 10.2(10.2.3-h4), Please help me with the issue .

  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks