This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4469 Views
  • 0 replies
  • 0 Likes

Palo Alto consolidate interface and Panorama connection

refer picture below , client plan to consolidate their existing 1gig link to 10 gig link Information 1. Palo Alto is manage by Panorama 2. Palo Alto configure using default service route which is management IP 10.2.1.0/24 3. Client would like to consolidate the transit and Mgmt interface 4. Traffic from Panorama to Palo Alto management is via t...

Migration.jpg
VLim by L2 Linker
  • 1736 Views
  • 2 replies
  • 0 Likes

Question about System Logs

Hello there, I know that system logs can be sent to a log collector through email, syslogs, or API calls to a REST API server. Is there any way to get the system alerts from panorama if we made an API call through an HTTP request? Looking to build a script that goes and grabs system alerts from panorama through HTTP requests. I tried to lo...

ccullhaj by L0 Member
  • 1993 Views
  • 1 replies
  • 0 Likes

Certificate Expiration Check- What it actually does

Certificate Expiration Check- What it actually doesThe article - https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000POWJCA4&lang=en_US%E2%80%A9 I assumed 'on-box certificates' meant that it would alert on certificates that are installed on the box when they're close to expiry, you know, because it says 'on-box certific...

Regarding License activation

We already have n number of Palo Alto firewalls and those are licensed. recently we purchased two new firewalls. Just wanted to activate license for those two new firewalls remotely. Registered these devices under Palo Alto support portal and activated license. License expiration date matches with our existing firewalls expiration date( in an...

perumalj by L2 Linker
  • 2332 Views
  • 2 replies
  • 0 Likes

Panorama Management Memory alarm

Host: Panorama Trigger: Free disk space is less than 9% on Slot-0 Management MemoryItem values:Name: Slot-0 Management Memory storage usedKey: hrStorageUsed.["Slot-0 Management Memory"]Value: 57.3 GB ------ Please, we receive many times this alarm. How can we solve it?

BigPalo by L4 Transporter
  • 4138 Views
  • 2 replies
  • 0 Likes

EAP authentication for IPSec IKEv2 tunnel to VPN provider

Looking to establish an IPSec IKEv2 tunnel to a service such as NordVPN or PrivateInternetAccess. These providers support IKEv2 IPSec tunnels, however they require you supplying your account credentials as part of the authentication process via EAP such as mschapv2 (See screenshot attached of a router config that they support connecting into the...

Traffic getting hits on non-allowed URLs

Hi All, I have been experiencing a situation where http and https traffic are getting hits on 1 of my security policies which is configured with Custom URL Category. It looks something like this: Source Zone: Internal Source: Internal Network Destination Zone: External Destination: Any Application: Any Service: HTTP & HTTPS URL Categor...

Route traffic to certain website(s) through site to site VPN without Route All Traffic VPN set.

In existing site to site vpn tunnel setup between Head Office and Remote Office, there would be requirement that traffic to certain website from remote office need to be routed through head office Internet connection through the existing site to site vpn tunnel. However the requirement would not be to configure the site to site vpn tunnel in Rou...

What is error "management server failed to send phase 1 abort to client logrcvr" and "management server failed to send phase 1 client ssl VPN" ?

Hi All,.PAN OS 4.1.11 and we are using user id feature,.. is this is due to bug in this release for "high management CPU utilization" ?What is error "management server failed to send phase 1 abort to client logrcvr" and "management server failed to send phase 1 client ssl VPN" ?due to this i am unable to do any changes in my firewall,...kindly h...

Gururaj by L4 Transporter
  • 13845 Views
  • 8 replies
  • 0 Likes

Resolved! LACP interface ethernet1/24 moved out of AE-group ae1

Hi Guys, We are getting "LACP interface ethernet1/24 moved out of AE-group ae1" through syslog (emailed) multiple times in a day on PA 3410 running on PAN OS 10.2.3 in HA active/passive. The switch in use is Aruba 8320 Interesting the same msg is received from the passive device too (whereas its interface is in shutdown mode) l2ctrld.log has no...

paragkarki143_0-1673237010186.png
paragkarki143_0-1673328417388.png
Pras by L4 Transporter
  • 21218 Views
  • 9 replies
  • 0 Likes

Resolved! Palo Alto Layer 2 bridging

Any idea on when or if PAN is going to produce the functionality to do layer 2 bridging (example, traffic on vlan 300 would be directed to vlan 3000...etc? Right now the function only seems to be possible when in conjunction with a physical interface per bridge which isn't scalable for lots of vlans like a DC. Another option is enabling the func...

Resolved! Palo Alto BGP routes from Azure

Palo 5220 running at the edge, using VPN tunnel to Azure virtual WAN running eBGP. Palo iBGP peered to switches, switches peered eBGP to Azure Express Route. My issue is VPN route is always installed in route table rather than express route, I assume because eBGP is AD 20 vs iBGP AD 200. I have tried local pref and weight on the palo to try and ...

Enable DNS Cloud Security

Dear All, I generated BPA Report for Panos 10.2.3 but I need to know how to enable it DNS Cloud Security ? Best Practice Checks DNS Cloud Security (Fail) Configure DNS cloud security and set the action to Sinkhole and packet capture to a single packet. DNS Sinkhole (Pass) Anti-Spyware Low/Informational Profile (Pass) Anti-Spyware Stric...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks