This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Resolved! About User-ID Agent

Hello, I've been practicing Palo Alto lately, I'm having trouble setting up "User-ID Agent"...This is my simple structure : I set up "AD server" and "User-ID Agent" on the same Winserver I also added Win10 to domain, and gave it an account (michael) But I don't know why "User-IS Agent" always identify the IP of "michael" as 10.20.54.52 ,inste...

young19918_1-1681749791819.png
young19918_2-1681750176934.png

Issue with finding palo alto self-signed certificate under certificate menu

Hi there, Management web is using palo alto self signed certificate but I'm not able to find it under certificate menu in device section. Any one has faced this issue before? It should be somewhere in configuration refer to self-signed certificate, if I want to create a self-signed certificate by myself I'm able to see that certificate under...

MBashiri by L0 Member
  • 1328 Views
  • 1 replies
  • 0 Likes

Connect same VLAN to multiple V-SYS

Hi All, We have a PA-5220 firewall cluster which has running multiple V-SYS itself. The firewall is connected to the up stream router thru a port channel. On the up-stream router VLAN 10 is allocated to the WAN-IP range. I need to extend that VLAN 10 to the V-SYS A and V-SYS B so I can can assign the respective public IP addresses to the diffe...

PBF not working with DNAT policy for server

Dear Team, We have 5 ISPs and we have configured PBF for a group of IPs/networks. We observed while routing the server from X ISP to Y ISP, the server which is published on X ISP becomes inaccessible. Request you please help to resolve the issue on a priority basis.

VINAYAKJ by L0 Member
  • 1178 Views
  • 1 replies
  • 0 Likes

Resolved! USER-ID mapping by firewall

Hi All, Consider there is an user (xyz@example.com) is accessing some network for which communication is allowed in firewall based on USER-ID rules. If the User(xyz@example.com) at the same times access the allowed sites by using two different IP address, will the communication from both the machines would be allowed.

Sujanya by L3 Networker
  • 1704 Views
  • 1 replies
  • 0 Likes

SNMP Counter issue

Hello everyone I am having a problem with SNMP requests on my palo-alto. My issue is the following I don't see any traffic on the physical interfaces of the palo alto, the traffic remains at 0 I can clearly see the traffic on the virtual interface (VLAN). I am on zabbix My palo alto is a PA-440

LCutman by L1 Bithead
  • 1426 Views
  • 1 replies
  • 0 Likes

Panorama config export fail. Host key verification fails

When I try and configure a scheduled config export the connection fails. I get a message the RSA host key differs and asked to confirm adding the key. This is a loop and always asks to add the key. If I try to remove all the known host keys the command ( delete user-file ssh-known-hosts) completes but does not seem to delete anything. The sa...

Rawilson by L0 Member
  • 2499 Views
  • 1 replies
  • 1 Likes

comments in cli

Hi I have a text file with PANOS command line arguments (set) what character defines a comment line ? is there one ?

Alex_Samad by L4 Transporter
  • 15705 Views
  • 11 replies
  • 1 Likes

Resolved! PA is connected to a router

Hi PA(non-management interface) is connected to a router via a cable . What is minimus condition for the two device to ping each other? 1. ip address in interface are in same subnet, 2. interface associated with management profile to allow ping 3. interface type is L3 Any else? The reason why i ask the question is the two device cannot s...

Resolved! CLI configuration of adding interface to virtual router

Hi, When add a interface into virtual router using cli, do I need to copied all the interfaces in the virtual router currently, then add this new interface into the list? For example, current default virtual router has two interface ethernet1/1 and ethernet1/2, I want to add another interface ethernet1/3 what I need to do is only "set network v...

nowayout by L1 Bithead
  • 4665 Views
  • 2 replies
  • 0 Likes

Encrypted-DNS False Positive Heads Up

Presently 20230406.20033 and earlier updates are presenting a large number of false positive categorizations for encrypted-dns. This includes several domains from Bitwarden, YouTube, Google, Microsoft, Spotify, and many many others. If you have encrypted-dns set to block you may get reports of many services not functioning properly.

BPry by Cyber Elite
  • 4784 Views
  • 6 replies
  • 3 Likes

Resolved! L2 Over L3 with VXLAN protocol

Hello, Is it possible to configure a VXLAN tunnel on a Palo Alto 3220 (running PANOS 10.2.3)? I.e. is L2 over L3 tunneling using VXLAN protocol possible? If so, is there an example configuration you can point me to? Thanks!

brenna by L0 Member
  • 7888 Views
  • 2 replies
  • 0 Likes

blocking apps on google chromecast

Hello, Looking to block apps on a new Google Chromecast all apps would be great but haven't been able to block AppleTV, HBOMax and ESPN. I've put appletvplus and hbo into our blocked apps rule but they still open and able to be accessed. Any one succesfully blocked Chromecast apps? Thanks

mlaporte by L1 Bithead
  • 3214 Views
  • 2 replies
  • 0 Likes

Where to download update for PA-2050 for learning purposes.

I have been given a PA-2050 to play with, and get my hands dirty, learning PAN, etc. Where do I go find the latest supported image for it? https://support.paloaltonetworks.com/Updates/SoftwareUpdates/ doesn't have the PA-2000 series listed. It has PA-200, and then PA-3000, PA-4000, PA-5000 and the PA-VM series.Should I even bother? Should I j...

Fan_Tai by L0 Member
  • 4429 Views
  • 5 replies
  • 0 Likes
  • 24335 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks