This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4254 Views
  • 0 replies
  • 0 Likes

Proper User-ID Configuration

We have 4 Palo Alto Clusters managed by panorama, each cluster has 2 firewalls, each firewall has number of Vsys. We want to configure user-ID with the Agent based method. My proposed solution is to integrate each Firewall directly with the User-ID agent then push User-ID agents in panorama (In device group setup it asks about default firewall...

Get the info "Users login in Azure domain" to use in policy by groups

We are migrating onpremise AD to AZUREAD. The doubt is that these users going to AzureAD and all the info (source name and group belong) can not be retrieved by the FW (as UIA did on premise mode). So how can get the info (users/groups) from AzureAD to configure policy source groups in Palo Alto? We doesnt have any SAML IdP configured in Palo Alto.

BigPalo by L4 Transporter
  • 1421 Views
  • 5 replies
  • 0 Likes

"source user" empty in monitor log

I'm looking at an old version 7 PA3000 which uses a user-id agent to map users (active directory) to IP addresses.When i log onto the firewall CLI a "show user ip-user-mapping-mp all" command returns what looks to be a valid list of user mappings. However 90% of the traffic log entries have 'source user' blank. There doesnt seem to be a reaso...

Resolved! Better solution for remote access

Good day all, I wasn't sure which group to post this on exactly so I figure try general topics first and then perhaps the conversation will lead me to the correct place where I can get more insight on this. What I am trying to do is I wanted to see if there is a better want to provide remote users access. Right now I am using VPN tunnels/GRE t...

Resolved! University Students Receiving (HTTP Status Code : 416) (CE-40862-0) On Playstation devices

Recently started receiving reports from students that they cannot download new games or updates for their installed apps on Playstation and are greeted with the error code mentioned in the subject. I have a case open with support, but I wanted to reach out to the community as well to see if any other University admins have dealt with the issue i...

Resolved! flow_tcp_non_syn_drop - packet capture on this counter?

Hello, I know this topic has been covered in a fair number of posts. Since I haven't read of anyone discussing this, I'm skeptical that it's an option. ....but I'm still going to post about it and ask directly. I have my non_syn tcp counter incrementing pretty much all of the time. I'd like to know if there is a way to setup a packet capture f...

HTTPS response page

Dears, I have created one custom response page(including image) that is for application block and URL block.example:- If someone wants to access a restricted URL or application the page should be displayed on the customer screen. I can see, once I apply the custom response page in the URL block page and application block page. then access the HT...

Jafar_Hussain_0-1616934348405.png

Resolved! PA-820: Cable Type/Lengths and HA Port Questions

I'm reorganizing the network racks at my workplace and am ordering new cabling.. A college of mine mentioned hearing something in the past that there may be an issue with using ethernet cables shorter than 3ft in some cases. I searched around but am having trouble finding concrete information outside of that it may have been an issue with older ...

J.Logan by L0 Member
  • 1453 Views
  • 3 replies
  • 0 Likes

UserID periodic empty groups issue

Hello, after opening a ticket with the support and finally after 4 debug sessions over a month time. I wanted to share our issue we encountered, and maybe it could help somebody with the same issue. Symptom : Every hour, we had our UserID based policy not working any more for around 3-4min every hour and on Commit from Panorama. Very odd.Aft...

Resolved! log forwarding to syslog | drops and queue

Hi everyone, Can anyone advise what's wrong here. Issue with log forwarding to syslog PA 3250 running on 11.1.6-h10. Only few logs are being sent to server, others are dropped. Here is the flooding messages in the logrcvr log file:2025/08/11 16:34:09 2025-08-11 16:34:09.382 +0400 Error: pan_logforward_enqueue_new(pan_logforward.c:2996): LOG...

Traffic Logs missing from subset of datetime range when using certain filters?

Has anyone run into a problem with Traffic Logs not returning any results with a certain period of a larger time range? I have been running a daily traffic analysis of a particular destination network (do to a vendor issue). Today's analysis of yesterdays traffic partially failed as a roughly 15min period is completely missing from the Traffic L...

Resolved! maximum number of bgp routes

hi,is there a maximum number of bgp route entries supported for the 5000 series ? does it support a full ipv4 routing table ? i cannot find any docs or data sheets with this kind of limits detailed...thanks

  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks