This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

"Introduction to Cortex XSOAR" and "IT Administrator Training" Assessments - Redo

I couldn't find a way to post a support ticket so I'm going through this section first. If you have any solutions to send an official support ticket, please let me know. Besides that, the base problem I am having is I cannot retake both "Introduction to Cortex XSOAR" and "IT Administrator Training" Assessments. I failed my first attempt for di...

Resolved! HA Passive Link State - Change

We want to modify the HA Passive Link from shutdown to auto on production firewalls. I suppose it is a pretty straighforward change, but I would to confirm if there is something which we should keep in mind. Something like applying first in the passive firewall and commit, and then on the active firewall and commit. Or if it is only necessary to...

Service route for Destination

Have 2 radius servers, 1 is used for admin login and is accessible only via the management interface, and another radius server is used for global protect authentication and is accessible via another production port. Tried to configure custom service routes on destination IP, which are not able to make them both work at the same time using cu...

HA state on PA-450 devices "unknown" after masterkey change

Hello all, I am facing an issue with deploying master key in PA-450 firewalls (HA – active/active), I replaced 2 PA 850’s with two PA 450, also in HA. After Changing the masterkey was tested on the PA-850s prior to being performed on the PA-450s through panorama. After the masterkey change in PA 450 the app version, threat version, antivirus v...

SivaShankarReddy_0-1663726967654.png

Palo alto Lab environment

Hi All, I am hoping to build a lab environment to fully learn the palo alto firewall and I wanted some recommendations on the most cost effective way to achieve this. I already have some physical cisco gear (switches, routers) however I'm not against going virtual. Is there any lab offerings with some test licenses which I can obtain? All su...

Mr8023 by L1 Bithead
  • 10007 Views
  • 2 replies
  • 0 Likes

Active Active VIP ping inconsistent

Hello All, i have 2 Firewalls configured in HA Active Active. I have a L3 sub interface created on each firewall and a vitual address configured as IP-Modulo arp-load-sharing. ex: FW1 (primary): 192.168.0.2/24 FW2 (secondary): 192.168.0.3/24 Virtual IP (ip modulo): 192.168.0.1/24 zone: trust a management profile is configured on both FW1 and...

GSuite apps not decrypted when using Chrome

I have seen some older posts with no updates on this very subject so I thought I would start a new thread. I am testing SSL decryption from a couple of workstations and have almost all of the traffic being successfully decrypted. We are a Google suite user with it being our email provider with our own domain. I am on a mac and when using Chro...

TroyGamm by L0 Member
  • 2076 Views
  • 1 replies
  • 0 Likes

Configuration / Rule Set Scheduled Export for SOC2 / ISO27001 Audits?

I'm looking for experiences and suggestions. We're subject to SOC2 / ISO27001 audits, where the auditors want to know what has been changed in a firewall configuration or rule set. Specifically things like "what rules were added, changed, or deleted in the last year?" or "what configuration options were changed last year?" The challenges we're r...

Toivo by L1 Bithead
  • 2555 Views
  • 1 replies
  • 0 Likes

Block HTTP/HTTPS access via IP

Hello. I would like to block access to my site (http/https) when it is made via IP. I want to only allow access made by name. Ex.: www.mysite.com <=> 1.2.3.4 https://1.2.3.4 => deny https://www.mysite.com => allow Is that possible with Palo Alto? Thanks.

PA-access.by.name.jpg
Robynson by L0 Member
  • 2876 Views
  • 1 replies
  • 0 Likes

Resolved! Template- Variable CSV greyed out

I want to import template variables but the "Variable CSV" is greyed out as seen below. We are running Panorama 10.2.3 . I want to build a CSV to import variables for a template. Any ideas? Thanks

NSutfin_0-1667944924048.png
NSutfin by L2 Linker
  • 2589 Views
  • 1 replies
  • 0 Likes

PA Packet Capture

Hi All, Is there any similar command which we can use to check how the packet flows in PA and where the packet is being dropped, which blade is dropping the traffic. To simplify my question is there any command like Packet tracer command in Cisco ASA? Also anything like fw monitor in Checkpoint? Regards, Sanjay S

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks