General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! session end reason resources-unavailable for all traffic

Hi,GuysThe customer's network recently experienced an outage, and found all the session end reason was resources-unavailable ;I exec the comand " debug dataplane pool statistics" and found there is a parameter in the software pool called Regex Results that has been exhausted. Compared with normal firewalls, this value should not be reduced. I...

220 activation

It was discovered recently that we have a 220 in use that the Support contract was never activated. And now because the 220 is End of Sale we are unable to purchase a new Support contract. Is there a way to get this unit activated? We have a lot of 220s that have support contracts that come to term at the end of this year, will we be able to r...

Reason for Sudden Reboot of PA-820

1. Need to get the confirmation on the reason for the sudden reboot of the PA-820 device which is in High-Availability state. 2. Only the Primary Unit has faced sudden Reboot but Secondary did not, Checked for the power adapter of the Primary unit but it was fine. 3. Timestamp of the sudden reboot on a primary PA-820 (HA-Active) unit is on 9/5/2...

Purushotham_0-1684750533621.png

Palo Alto and Menlo Integration

Hi all, Does anybody known how to integrate Palo Alto with Menlo Security Solution ?The goal is to transparently redirect HTTP/HTTPS traffic to Menlo appliance for specific URL Categories... Any idea ?? Regards, HA

Maximum Access Domains Per Admin Panorama

Hi guys, What is the maximum number of access domains you can configure per admin? I tried adding a 26th access domain to an admin, but was presented with the following error. admin-bar@panorama01# set mgt-config users rus permissions role-based custom dg-template-profiles 2933-Officenet2 profile DG-defaultServer error : 2933-Officenet2 constrai...

Resolved! Getting more restrictive in rule application and use of application policies - best approach?

We recently used Expedition to migrate our ASA and some rules from an older PA-3020 over to a PA-5220. It was rather involved (to me) and I had taken this project over after someone had started it. Since our ASA did not have any concept of Applications many of the rules from our ASA were brought over as-is with specific port definitions in the...

Anyone running PAN-OS 11.0.1 on a PA-440?

I am for that matter because I need de PPPoE feature on a sub-interface. But I have noticed that one of the LEDs on the management interface is not working. Could this be a software issue? Regards, Han.

Han.Valk by L2 Linker
  • 2009 Views
  • 2 replies
  • 0 Likes

Pan-OS CLI Keyword Highlighting in SecureCRT

I use SecureCRT to manage SSH connections to Pan-OS CLIs on our NGFWs, and this software has the ability to highlight keywords, including regex(s). However, after a couple hours of Google-fu, I found user-made Cisco CLI templates but cannot find any for Pan-OS CLI. Does anyone have this feature configured that would be willing to share a templat...

Resolved! Delete all Address Objects

Hello,I have >600 Address objects on a Lab firewall and I am looing for a way to delete them all. The web interface does not contain a select all tick box for individual address objects (mind-blowing.. why not??)... Anyone know of a CLI command that will do it? Thanks!Matt

Resolved! My site was flagged as Grayware. I believe this is a false rating. I need help requesting the rating be changed.

Hello, my website EastCoastCobras.com has been marked as Grayware. My hosting provider says I have no issues with my site. Can someone please put in a ticket on my behalf? urlfiltering.paloaltonetworks.com is not a solution that works as it replies 'If you are trying to change the Risk rating, this cannot be done via Change Request. If the...

HA problem Pa 410, Pa 3250

Hi all. I created an HA group from device PA410 (the same problem on PA3250) mode active-standby , when i switch active device to passive, the passive device becomes active and i have a problem. there is no access to the firewall for about a minute the following occurs for Pan OS 10.1.8 I did update pan os to version 10.1.9 h3 I see a s...

PAN OS 10.1.8.PNG
PAN OS 10.1.9 h3.PNG

Resolved! NAT and Proxy Arp and Interface Addresses - help understanding

I'm having trouble understanding why some recently added NAT rules did NOT Proxy ARP on our outside ISP interface as I expected it to. I'd setup some NAT rules both using a bidirectional outbound rule NAT'd to an outside interface address (new one, not the existing one that was assigned) and an incoming only NAT rule mapping a new outside addr...

TonyDeHart by L4 Transporter
  • 22184 Views
  • 11 replies
  • 0 Likes

Resolved! HA1 not UP when HA interfaces have same mac address

Hello Team, I hope you can help us, We're also already planning to create a TAC case for this. We have provisioned 2 vFW on RHOSP.We configured the 2 fw on HA Active-passive.HA1 > e1/8HA1 Back-up > e1/9 Now the data interfaces e1/1 to 1/7 has to have same mac address right for HA failover to be seamless as per below link We have disabl...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels