This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4229 Views
  • 0 replies
  • 0 Likes

Resolved! Prioritizing an BGP route over other BGP routes for IPSec tunnel traffic redirection

Hi All, We have an physical Firewall on our premise. We have Three ISP and single virtual router with ECMP enabled(Balanced Round Robin)in it. Recently we had configured Two pairs of IPsec tunnels(Pair one -Tunnel 1 and Tunnel2// Pair 2 - tunnel 3 and tunnel 4) to communicate to AWS Peer(Only one Subnet on AWS 10.x.x.x/24) using the BGP Method f...

SNAT to a FQDN

Hi All, I am trying to create a NAT policy that would NAT traffic from my internal Zone to and update server. the problem is i have FQDN of destination server which resolves to multiple different IPs. I need to find a way to complete this NAT policy, is there any way i can make this work?

mike.07 by L1 Bithead
  • 5785 Views
  • 6 replies
  • 0 Likes

HA Pair manual syncronization

Good morning, I'm trying to understand the behavior with this command request high-availability sync-to-remote running-config . I have a HA active/passive pair that I had some config sync issues after an OS upgrade. If I want to push the active running configuration from my active device to my passive device, do I run this command from the ac...

danoman2 by L3 Networker
  • 6399 Views
  • 9 replies
  • 1 Likes

Resolved! Firewall replacement procedures

We are planning to replace PA-3260 with PA-3430, can anyone suggest the procedures and prerequisites to be followed before replacing the firewalls. Currently the firewalls are managed from Panorama.

Cannot block theoxymoron.xyz

Hello, I have been trying to block the site theoxymoron.xyz but can not get it to block. I have tried URL filtering with many different versions of the URL as well as blocking the IP addresses for the site, neither of which worked for me. We do not use decryption. Any help would be appreciated. Thank you.

Stuck in a customer support loop

I'm trying to setup my PA-220 to use the AIOps and need to login into the Palo Alto customer support portal. I have not logged in for a long time, but when I use the account associated with my device, it tells me "Unable to sign in". Trying forgot password, sends no email to the email account. When I try to create an account and enter Serial ...

3dmaxer by L0 Member
  • 2235 Views
  • 2 replies
  • 0 Likes

Montioring DHCP with ManageEngine

Hello all. We are demoing ManageEngine's OpUtils which advertises it can monitor Palo Alto DHCP scopes. I have it connecting to one of our palos via Web API credentials just fine, it just doesnt return any data about the DHCP that is configured. I was curious if anyone had any advice on special configuration needed or special permissions? If...

Resolved! Two Static Route - same destination, Same metric

Two Static Route - same destination, Same metric Hello, good afternoon, thank you very much for your time, collaboration, time and suggestions. Thinking in an environment where you have two routes to the same segment, example a pair of static routes through the Switch Core to LAN resources or two routes to the same destination, by two tunnel...

Metgatz by L4 Transporter
  • 9363 Views
  • 2 replies
  • 0 Likes

Self Signed Certificate for GlobalProtect VPN

Hello All! We are having an issue regarding the Palo self-signed certificates.As suggested without 3rd party paid certificate we are using a self signed CA and a certi issued by the CA.(added to the proper ssl/tls service profile) But the vpn portal does not show the generated Cert with the self signed CA, it shows the generated Cert with an unk...

DNS Security Logging PAN-OS 9.1

Firewalls with DNS Security enabled and working in PAN-OS 9.1 logs are not visible in AIOps DNS Security (Activity:Dashboards > DNS Security - View all DNS Requests). How to ensure firewalls and Panorama are properly configured and log data is reaching AIOps

System error "Retrieving Content "IOT" info failed"-Panorama

Hi Team Anyway, one having any idea about the below error 'Retrieving Content 'IOT' info failed' Error getting on Panorama however, the customer not having any IOT license. Please find the attached snap shot of the error. Regards Roney RajanPlease note you are posting a public message where community members and experts can provide ...

PAN and intermediate CAs

Last couple of days I've had quite a few cases where I had to manually add intermediate CAs as a Trusted Root CA in order for decryption to work (for customers blocking untrusted CAs already on firewall). These are quite well known intermediate CAs like: DigiCert TLS RSA SHA256 2020 CA1 GeoTrust RSA CA 2018 Entrust Certification Authority - L...

santonic by L6 Presenter
  • 4261 Views
  • 2 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks