This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Resolved! PA 3220 function as a secondary / sub-ca

Greetings, We are researching Certificate management and all the certificate management the Firewall can do. It came across as a question - is there a way to have the PA function as a secondary / sub-ca? Our team members our discussing instead of standing of a new CA since everyone should have the root FW cert. My question is at what scale ...

sallen by L1 Bithead
  • 2473 Views
  • 3 replies
  • 0 Likes

Resolved! Aggregate interface per cli

Dear all, I am in search of how to create an aggregate interface per cli. I am using eve-ng and the option to create the ae via the GUI is not available. much appreciated.

Shadow by L2 Linker
  • 5402 Views
  • 2 replies
  • 0 Likes

HoneyPots?

Hello,A bit off topic but still security related, just curious who out there uses honeypots. I know google is a good resource but want to get actual user feedback. What works, what doesnt, top level info is good. Thanks in advance!

Prisma SD-WAN vs PAN-OS SD-WAN - Focused on SASE

Prisma SD-WAN vs PAN-OS SDWAN ... Focused on SASE Hi good afternoon, as always, thanks for the time to answer and the good vibes. Today there is some confusion regarding these different variables, whether to use Prisma SD-WAN i.e. CloudGenix ION, to put together a sd-wan based network and/or to use PAN-OS SD-WAN. Thinking about an environment ...

Metgatz by L4 Transporter
  • 10559 Views
  • 2 replies
  • 0 Likes

DHCP Options

Hi All,I need to send DHCP option 119 to my clients that are using the Palo Alto as their DHCP server.Please can you confirm whether this is possible or not? Thanks,Jaggie

JAG by L1 Bithead
  • 8790 Views
  • 8 replies
  • 0 Likes

Question about Management Interface

Hello All, My current management IP is set to a private IP and is up and pingable from the PALO ALTO command line. How ever I cannot log onto the management IP via WEB GUI... Does the management interface correlate to the physical management port on the palo or is there someway to connect to the management IP from a different network? Or c...

PA-450 Internet Traffic stops after 15 minutes

Replacing 2 Cisco M400 firebox with PA-450, mirrored the NAT and security polices from the M400 onto the PA-450. When we switch over the firewalls we get internet traffic both ways as expected but after 15 minutes all in and outbound internet traffic stops. Switch back the Cisco routers and traffic flows normally again, swap back the the PA-450 ...

Keatsie by L1 Bithead
  • 4029 Views
  • 5 replies
  • 0 Likes

PAN-OS 10.2.3 - HA1 PRTG bug - PA-220

Hi, Since updating our firmware to 10.2 we have noticed that ha1 shows down in our monitoring tool but is showing as up on the device. Has anyone seen anything like this before? This is on multiple devices and has not effected the PA-800's. Thanks Luke

LukeRath_0-1674469242937.png
LukeRath by L1 Bithead
  • 1699 Views
  • 1 replies
  • 0 Likes

Resolved! opcmdhistory log missing in PanOS9.1

I noticed that the “opcmdhistory” log disappeared in Panorama after upgrading to PanOS9.1. It was there in 9.0 and previous versions. Do you know why it changed and if the information is in another log file?I was using it for troubleshooting and detecting cli commands executed by other admins, API calls, etc.

batd2 by L4 Transporter
  • 5216 Views
  • 5 replies
  • 0 Likes

URL action block-continue

We can set the following actions for URL filtering categories: The URL filtering logs show the following possible actions: alertblock-urlcontinueblock-continue The first 3 are clear and relate to the action we set in the categories. Can someone please explain the "block-continue" action?

batd2_0-1606381147745.png
batd2 by L4 Transporter
  • 8377 Views
  • 2 replies
  • 0 Likes

Resize GlobalProtect Notification window

Hey,I have a customised login page for when users connect to the GlobalProtect VPN and it frustratingly doesnt fit on the screen. I would like to know whether the Notification window can be resized and grow to a larger size than the default.

mwhite by Not applicable
  • 4352 Views
  • 3 replies
  • 0 Likes

Resolved! Firewall Unable to connect to ISP Router

I m setting up a small office network where the endpoints are connecting to a switch that is in turn trunked to a PA220 Firewall . The firewall external interface is configured with a static IP address within the same range as the ISP IP router . However it appears that neither the ISP router or the Palo can receive arp entries off each other le...

PA-VM testing / homelab

Hi Folks, I have quick question. If I want to do some home lab for learning purposes for example with eve-ng , how I can get PA-VM image I applyd for 30days trial, however for unknown reason I was rejected After our evaluation of your application, we are unable to supply a trial product download due to Trade or Legal restrictions. 1. I'm from ...

dakobg by L1 Bithead
  • 3342 Views
  • 4 replies
  • 0 Likes

PAN-Agent and Mac OS X Clients

Has anyone had sucess in the PAN-Agent capturing logins for Mac OS X clients joined to Active Directory?We have about 100 iMacs running Mac OS 10.6.5, and I always get a "_unknown_" username when looking at their IP address in the PAN-Agent. We have a Server 2008 R2 domain controller.

mharding by L4 Transporter
  • 8153 Views
  • 11 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks