General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

sd-wan setup question

set up SD-WAN in PANOS. If you look at the manual, it says to use it in conjunction with the panorama. Is there a way to set it up without linking it with the panorama?

qmso475 by L3 Networker
  • 1943 Views
  • 1 replies
  • 0 Likes

exiting because missed too many heartbeats

Hi all, hoping someone may be able to assist with an issue . these logs are shown only in GUI with high but same logs if see from CLI didn't show up. We are seeing that every 2 hr our PA device generates messages devsrvr: exiting because missed too many heartbeats mgmtsrvr: exiting because missed too many heartbeats Thanks RR

globalprotect authentication issues using SAML on MacOS

Looking for GP authentication troublehsooting tips or if anyone else is experiencing authentication issues using SAML on globalprotect (effects every single agent version newer than 4.1.1). Our issue seems to only effect macOS users, but my shop is 99% mac users, the windows users rarely connect to the VPN and never complain. We upgraded to PAN ...

Cortex XDR Sign On Issues - Is there an issue?

Cannot login to the Cortex XDR portal. Also cannot log any Support Cases. "Unauthorized. Error 4011 when trying to log onto a Cortex XDR tenant. Then trying to get to log support tickets the following: Salesforce Single Sign on Error, we can't log you in because of an issue with single sign-on. Contact your Salesforce admin for help Tried ca...

Hardware Migration PA-850 to PA-3220

Hi,Planning for upgrading PA-850 to PA-3220, Just wanted to be sure that if we download the current running config from PA-850 and import it to new PA-3220 device, will that work?Precision configuration of the PA-850 and managed by a Panorama.

PDelobel by L0 Member
  • 4735 Views
  • 3 replies
  • 0 Likes

Resolved! ISP Failover and DHCP

Hello, I am following this guide to set up ISP failover. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLL8CAO The problem is that my failover ISP (Starlink), does not provide me a static IP address How would you recommend accomplishing what I want to do when the failover ISP provides a DHCP address? Thank you!

Resolved! Alarm “Device certificate status expired: it cannot be renewed” on panorama every day.

Hi Folks, I am getting the below alert in the panorama every day. I found the below article for resolving the issue.My concern is 1. Why is this necessary? I've never had the issue before v9.1.x2. Do I need to do this every 3 months from now on? Issue: Alarm “Device certificate status expired: it cannot be renewed” Article: https://live.paloalt...

CyberEye by L3 Networker
  • 23814 Views
  • 15 replies
  • 0 Likes

Audit Global protect server

Hi, We launched a sslab test for a GlobalProtect Portal website. Our note is B. We would like to improve these two things but we dont know what it can be done in PA config. These are: There is no support for secure renegotiation. MORE INFO »This server does not support Forward Secrecy with the reference browsers. Grade capped to B. MORE INFO »...

BigPalo by L4 Transporter
  • 8861 Views
  • 10 replies
  • 0 Likes

routed-config-p2-failed

Hi All, I am trying to add new interface to the ospf and pushing the configuration from Panorama to firewall, But I am getting the below error while commiting "client routed phase 2 failure", Commit on secondary firewall is succeeding. Issue is only on Primary firewall. When I checked the logs in Palo-Alto firewall, I can see the below:route...

Sujanya by L3 Networker
  • 2494 Views
  • 1 replies
  • 0 Likes

ACC-SSL Activities

ACC-SSL Activities 'ssl/tlsother'What means? Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company information is not recommended.

ZhouYu by L2 Linker
  • 1893 Views
  • 1 replies
  • 0 Likes

PAN-OS 10.2 on PA-220

Hi All, I was just wondering if anybody had any experience of 10.2 on PA-220 I am thinking of upgrading and haven't heard anything concrete either way. As always thanks in advance for any help.

laurence64 by L4 Transporter
  • 13987 Views
  • 13 replies
  • 0 Likes

XDR Agent Disabled

I've installed a XDR agent to a workstation, and it's not connecting to the server. I've installed the it on different workstations and that's working fine. After the installation the agent never connected to the server and showing it's disabled. What could be the issue?

Screenshot 2023-01-16 103342.png

panorama scp export more command?

It is linked to equipment A, B, C, D in the panorama. I want to extract only the traffic log for equipment A. ↓ ↓ ↓ ↓ ↓ ↓ The above command extracts all A, B, C, D traffic logs. ↓ ↓ ↓ ↓ ↓ ↓ ↓ scp export log traffic start-time equal 2014/05/16@12:19:02 end-time equal 2014 /05/16@12:19:02 to [email protected]:/home/goran/kb1.csv Can't ...

qmso475 by L3 Networker
  • 1463 Views
  • 1 replies
  • 0 Likes
  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels