This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4141 Views
  • 0 replies
  • 0 Likes

Enquiry regarding Palo Alto Firewall Model: PA-3250

Hi Palo Alto support, I would like to enquire the following questions pertaining our existing firewall. If our Palo Alto fw fails in the OS layer, does the traffic still passes through? If our Palo Alto fw fails in the hardware layer, does the traffic still passes through? When our Palo Alto fw boots up, deos the OS layer comes up first or et...

Resolved! Multiple Global Protect gateways on same firewall

I have a PA-3020 that will have two ISP connections. Primary ISP interface will be used for the Global Protect Portal and Primary Gateway using tunnel.1. Is it possible to have a second gateway using tunnel.2 on the same firewall using the secondary ISP interface? Also, if the Portal is only on the primary ISP interface and that connection is...

DNS Signature Lookup Timeout Error

I'm seeing quite a lot of messages logged in the syslog output from my PA VM-100 running PAN-OS 10.0.0: Aug 19 07:31:29 firewall-1 1,2020/08/19 07:31:29,007051000047085,SYSTEM,general,2560,2020/08/19 07:31:29,,general,,0,0,general,medium,"DNS signature lookup timed out",1461969,0x0,0,0,0,0,,firewall-1,0,0,1970-01-01T10:00:00.000+10:00What exactl...

Resolved! Wildfire-Content

Hi Guys, On Panorama - Device Deployment - Dynamic Updates, I see WildFire-Content and WildFire. Wildfire-Content: there are releases but they have never been downloaded nor installed. Wildfire: the releases downloaded and installed per schedule. On Panorama, what are the difference between Wild-Content and Wildfire? On the NGFW, there...

tinhnho by L3 Networker
  • 2229 Views
  • 2 replies
  • 0 Likes

ASA migration to PA

Hi Team, We want to migrate our firewalls from cisco ASA to Palo Alto. Instead of performing hot cutover, we are thinking the other option by connecting them inline to existing firewalls so that it will just monitor all policy and etc, which will help us to fix any of the configurations so that we can remove the existing firewalls without any ma...

NTP Sync 10.1.6 PA-220

Hi all, I'm getting this NTP status message. I'm quite sure it did initially sync but then reverts to this state. What exactly does "rejected" mean? The NTP server was reachable but has it been knocked back for some reason. NTP state: NTP not synched, using local clock NTP server: xxxx status: rejected reachable: yes authentication-type: n...

CBrookes by L1 Bithead
  • 7980 Views
  • 8 replies
  • 0 Likes

Resolved! NAT'ing subnets - Larger to smaller? Will it work?

I'm moving some rules from an ASA we will be decommissioning at another location to our local PA-5220 for an IPSEC tunnel that we are migrating. The existing rule set on our ASA is NAT'ing our /16 subnet onto a /24 which technically could be an issue but we have few users that use this tunnel so it isn't an issue and they could come from a numbe...

Two ISP, one IKE-gateway. Loopback as IKE-source, source-nat - session and IKE never actually reset.

What I am trying to achive: I have two ISPs with two different static IPs. I want to create one tunnel to one remote site. Tested with panos version: 9.1.14-h4 Loopback IP: 192.168.99.1/32 inside zone eth1/1 WAN1: 11.11.11.11 outside zone eth1/2 WAN2: 22.22.22.22 outside zone Tunnel IP: 172.16.99.2/30 inside zone Both ISPs have RP-filter str...

Resolved! Dynamic update scheduling question

Hi Everyone, I manage a few firewalls (same model) with a template under Panorama; my firewalls do get Wildfire updated but I'm not sure how often they get updated. On Panorama, I look under Device -Dynamic Updates-'TemplateFWs', I don't see anything schedule/setup for Wildfire (WildFire Schedule: None(Manual)) but when i go to each firewall ...

tinhnho by L3 Networker
  • 2514 Views
  • 2 replies
  • 0 Likes

We Want to Hear From You! LIVEcommunity UX Survey

Hey Everyone! Got a sec? The Live Community Team would love to get feedback on your community experience! If you are interested in giving your feedback and earning a new community badge, please take this short survey before May 15, 2023. Thank you for sharing your unique insights with us! Your feedback is important, not just to our team b...

Screen Shot 2023-05-04 at 10.46.37 AM.png
JayGolf by Community Team Member
  • 1564 Views
  • 0 replies
  • 3 Likes

Resolved! System Log Message "WFRTSIG: Unknown error."

Hey Community, we have a pair of PA-3220 in an active/passive Cluster with panos 10.0.7 and since about 4 weeks we see the following system log entry almost every night around 11pm: WFRTSIG: Unknown error.We see this entries on both devices (active and passiv) but times are different. What I´ve done so far was to rebboot both devices but the log...

API calls to Azure failing

Hi All, We have a setup to turn-on and turn off VPN from Palo VM to Azure (at a specific time daily) but recently the tunnels are not coming up. Seems like the API calls are not being received at the other end. This setup was working before but stopped all of a sudden. VM is on 10.1.4 and I do not see any bugs addressed on the higher version. Wh...

Pras by L4 Transporter
  • 5050 Views
  • 6 replies
  • 0 Likes
  • 24340 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks