This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4119 Views
  • 0 replies
  • 0 Likes

Resolved! flow_tcp_non_syn_drop - packet capture on this counter?

Hello, I know this topic has been covered in a fair number of posts. Since I haven't read of anyone discussing this, I'm skeptical that it's an option. ....but I'm still going to post about it and ask directly. I have my non_syn tcp counter incrementing pretty much all of the time. I'd like to know if there is a way to setup a packet capture f...

HTTPS response page

Dears, I have created one custom response page(including image) that is for application block and URL block.example:- If someone wants to access a restricted URL or application the page should be displayed on the customer screen. I can see, once I apply the custom response page in the URL block page and application block page. then access the HT...

Jafar_Hussain_0-1616934348405.png

Resolved! PA-820: Cable Type/Lengths and HA Port Questions

I'm reorganizing the network racks at my workplace and am ordering new cabling.. A college of mine mentioned hearing something in the past that there may be an issue with using ethernet cables shorter than 3ft in some cases. I searched around but am having trouble finding concrete information outside of that it may have been an issue with older ...

J.Logan by L0 Member
  • 1329 Views
  • 3 replies
  • 0 Likes

UserID periodic empty groups issue

Hello, after opening a ticket with the support and finally after 4 debug sessions over a month time. I wanted to share our issue we encountered, and maybe it could help somebody with the same issue. Symptom : Every hour, we had our UserID based policy not working any more for around 3-4min every hour and on Commit from Panorama. Very odd.Aft...

Resolved! log forwarding to syslog | drops and queue

Hi everyone, Can anyone advise what's wrong here. Issue with log forwarding to syslog PA 3250 running on 11.1.6-h10. Only few logs are being sent to server, others are dropped. Here is the flooding messages in the logrcvr log file:2025/08/11 16:34:09 2025-08-11 16:34:09.382 +0400 Error: pan_logforward_enqueue_new(pan_logforward.c:2996): LOG...

Traffic Logs missing from subset of datetime range when using certain filters?

Has anyone run into a problem with Traffic Logs not returning any results with a certain period of a larger time range? I have been running a daily traffic analysis of a particular destination network (do to a vendor issue). Today's analysis of yesterdays traffic partially failed as a roughly 15min period is completely missing from the Traffic L...

Resolved! maximum number of bgp routes

hi,is there a maximum number of bgp route entries supported for the 5000 series ? does it support a full ipv4 routing table ? i cannot find any docs or data sheets with this kind of limits detailed...thanks

Split tunnel is not working for Linux/IOS devices

Hi, I have a VPN-SSL GP in a FW PA. I have some "Acess routes" in include for LAN ranges (10.0.0.0/8 and 192.168.x.x) and the rest should go through ISP local user. The issue is that I'm seeing traffic destined for the internet that shouldn't be reaching the FW via the VPN. Goiing to agent logs i can see all routes in Linux client as OK. Default...

BigPalo by L4 Transporter
  • 2776 Views
  • 6 replies
  • 0 Likes

Resolved! Does anyone know the API XPATH to load partial for static routes?

Hello All! I'm trying to use Expedition to migrate 100+ virtual systems from old Juniper firewalls my team inherited to our Palo Altos. We are using Load Partial commands rather than importing the entire Expedition output based on recommendations from Palo Engineers. Some of my Juniper stuff has large routing tables of static routes, so I wa...

Resolved! A question about snat address pool couse a route loop

Dear all I have a question about snat address pool and route loop; If I set a snat policy and assign a public address pool(range)to it, like 110.1.1.1 to 110.1.1.11 PS. It's being used for visit internet; I have a default route to internet on my firewall, nexthop is ISP, and this ISP have a route about 110.1.1.1 to 110.1.1.11 next hop is ...

Aruba Central - Palo Alto - User ID Question

Hey Guys, I have a bunch of access points in Aruba Central, we are currently using UserID as a way to assign username to IP address with Palo Alto. I have found these instructions https://www.arubanetworks.com/techdocs/central/latest/content/aos10x/cfg/services/pan_firewall.htm and preliminary testing seems to be working. Just wondering if any...

Active Directory groups w/ members from multiple domains

I'm using AD groups for some security policies and am expanding to use other domains in our company. While I can add users from another domain into an AD group, the PA only shows me the users in the same domain as the group. For example:Domain 1: DC=first,DC=com User 1: CN=idone,OU=users,DC=first,DC=com Group: CN=cars,OU=groups,DC=first,DC=com ...

Resolved! Unable To Submit Support Case Through Any Method

I have an issue that's affecting sync between HA peers. I've been trying to upload a support file (70mb) for 2 hours now. I have tried using a different browser and even a different computer. If call the North America TAC line the automated system instructs me to enter a ticket online. If this were a critical issue this would be incredibly stre...

CAAdmin by L0 Member
  • 2045 Views
  • 4 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks