This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4477 Views
  • 0 replies
  • 0 Likes

How to correctly decrypt FTP (over TLS) traffic

Hi, I am facing the common issue of Passive FTP (over TLS). Basically, the connection fails due to the dynamic ports assigned in the encrypted channel. It is clear that the solution is to configure PA to decrypt the traffic to identify the dynamic port and PA automatically (and temporarily) will open the traffic for that port. But unfortunately,...

Updating password with XML API for Palo Alto firewall user.

I have a physical firewall and want to change the password on an admin by the use of XML API. I have followed the guide from How to Change the Password of Administrative Users via XML API - Knowledge Base - Palo Alto Networks and everything works and ends with success. However, when I try to login with the new password it does not work. And neit...

HA ports up when connected but HA NOT enabled?

Do the HA ports come up even if HA isn't enabled? I have a production 3220 I am trying to add a new 3220 to and before I enable HA I wanted to make sure the HA ports were up and working before I flip the switch. The HA ports are showing down and the onsite contact said they are connected directly to each other and the chances that both have ...

drewdown by L4 Transporter
  • 3689 Views
  • 1 replies
  • 0 Likes

Clientless Portal no longer working after upgrade

Hi, The Clientless Portal is now displaying a blank page after a software upgrade (from 9.0.9xfr to 9.1.15). The developers say that the javascript minification process is no longer working and no longer pushing data into the Pan_js module for it then to be passed back to the portal. Has the update caused this? What is the fix? TIA

CraigAddison_1-1669980807406.png

Suggestion on Initial Configuration of Palo-Alto

Hi All, We would be needing suggestion on the below scenario: We are having an new Palo-Alto firewall connected via management console in our data center which is integrated with Panorama and we have pre-configured the box by pushing the templates available in panorama. Now we are moving the box to the location and mounting it and planning to...

Sujanya by L3 Networker
  • 3302 Views
  • 3 replies
  • 0 Likes

Resolved! Clientless VPN and Java/Javascript

Hi We have a clientless VPN and app set up to use https on tcp 8443 but the page is not displaying at all. Connectivity has been proven end to end so all the rules are in place.The app points to a webserver that hosts a portal and uses Javascript. Some debugging was carried out on the client browser side and a comparison of going through the cli...

Resolved! Security Profiles - URL Filtering - Update Multiple Categories within all Profiles

Hello all, I'm looking for some suggestions, or information on how I can quickly update all security profiles, with 3 select objects at once. In total, our Panorama has 129 profiles, so I would need to login to all 129 profiles, and update 3 categories in them to block. By way of the gui, I think the only way would be able to edit 1 profile at...

PAN Issue ID 172132 QoS Fails to run on a tunnel interface

Just upgraded Panorama to 10.1.8. and I want to bring by firewalls up to the same OS, but I see in the release notes that there is a known issue with QoS failing to run on tunnel interfaces. Can anyone tell me if there's a workaround or when this might be fixed? We run QoS on many tunnel interfaces and this is a deal-breaker as far as upgrading ...

Resolved! CDP Connection Issues w/HTTP application incomplete

I have a remote 820 that is connected to a 5250 via an IPsec tunnel. My CDP is directly connected to the 5250. 820<=====>5250<+++++>CDP When I restart the IKE phase on the tunnel, I see the port 80 traffic on my 820, but is says the application is incomplete. When I check my 5250, I don't see any corresponding traffic (permits or...

PA-HDF login: on a PA200

I am new to PA and bought a device and configured it but forgotten my password. i went to maint mode and did factory reset to restart my config again my device entered PA-HDF login: i tried admin/admin and getting incorrect password any advise how to overcome this i also run disk test and of which all results attached Thanks

Dalton by L0 Member
  • 4009 Views
  • 1 replies
  • 0 Likes

The FQDN issue could not be refreshed.

Hello all,We were using two FQDNs that get the same IP from 9.1.14 version.And I recently deleted one FQDN. Then there was an issue where FQDN was applied intermittently.In addition, the GUI confirmed that Refresh was applied through Commit, but it was not applied when forced to try Refresh from the CLI. 2022-10-13 10:54:18.062 +0900 Error: pan...

Resolved! Break up Active/Passive HA Cluster

Hello, we have a PA-3020 Active/Passive HA Cluster. Because of cost cutting I have to break up our cluster and just use one of the firewalls as standalone. The thing is, the license of the passive firewall will last longer than the one from the active. The goal is to use the passive firewall as standalone and to factory reset the active so i...

Veentjer by L0 Member
  • 7853 Views
  • 5 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks