This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

User-ID configuration

I configured User_ID on FW 8.1.23, however the server monitoring status shows access denied. I have checked the LDAP configuration(server settings), user mapping, group mapping and ... Any help would be highly appreciated. ThanksPlease note you are posting a public message where community members and experts can provide assistance. Sharing priv...

S_Alad by L2 Linker
  • 2932 Views
  • 2 replies
  • 0 Likes

Nintendo Issues with Nat

We have a couple of Nintendos in our district. I have a NAT Policy setup which is allowing them to get to the internet. Right now it show NAT B. This is after rebooting them. I have two separate NAT policies because two nintendos on seperate IP address. Looking for other ideas get the NAT A. This is on a PA-3220. Thanks in advance.

tnewton_0-1666373614883.png
tnewton by L0 Member
  • 3191 Views
  • 3 replies
  • 0 Likes

Failover to passive no traffic passes

Hi all - have been working on upgrading all our firewalls from 9.1.13 to 9.1.14 and ran into an issue last night with one of our Active/Passive 7050 pairs. When I failed over to the passive FW our users lost internet connectivity, once the active FW finished rebooting and I failed back over to it internet was restored. Configs between the 2 devi...

Resolved! Cortex XSOAR TLS handshake error

Hi friends, I am having an issue with TLS errors when I check the Demistro service status. Not sure where to look to resolve the issue, any advice would be great. Cheers, JasonPlease note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company ...

hambeezy by L0 Member
  • 2792 Views
  • 1 replies
  • 0 Likes

Palo alto 220 Disk issue

We have PA 220 at few of our site. Multiple times a day it's getting "Disk usage for / exceeds limit, 97 percent in use, cleaning filesystem" Sometime it goes to non-functional state because auto disk cleanup won't work and it will fill out 100%. I have opened case with support but they were not helpful gave me KB: https://knowledgebase.paloalto...

hpatel11 by L2 Linker
  • 3583 Views
  • 3 replies
  • 0 Likes

Outside WAN port staying red on backup PA-850 when failing over from active - services do not work

Hi All, Having a strange issue. I have a cluster of PA-850's in HA. Last night I failed over my active PA-850 to the standby 850. What happened is the backup 850 became active, and the inside and DMZ ports went green, but the outside port Eth1/1 stayed red. As such, services did not work, and I had to fail back to the primary. Has anyone e...

RTCP issue for matching policy

Hi, We are having a issue with RTCP traffic. The RTCP traffic is jumping the rule configured for this and matching the last rule (bypass). The filter for the correct rule is application rtcp. We see that the application is identified but sometime is matching the correct and most of the times the last rule. I attach the screenshots with the...

BigPalo by L4 Transporter
  • 5950 Views
  • 7 replies
  • 0 Likes

Resolved! interface-management-profile - CLI

Hello When I am configuring sub-interface (or interface) with CLI from Panorama as : set template [name] config network interface ethernet ethernet1/x layer3 interface-management-profile [Profile] units ethernet1/x.x comment [comment] tag [xx] ip [xx.xx.xx.xx/xx] All is working fine excepting the management profile that is not taken in acc...

Active/Active failover triggers for multiple Vwire?

Hello, I've been looking for some time docs which closely describe PA Active/Active setup for only Vwire interface mode (multiple defined Vwire's), especially failover triggers like a link or path monitoring, but no luck. I decided to start with this discussion in order to clarify some unclear questions myself, so let me briefly describe the f...

Tician by L1 Bithead
  • 2612 Views
  • 2 replies
  • 0 Likes

GlobalProtect stops to connect

Hi all,GlobalProtect stopped to connect to server. So it works before ( I did not install any new software, firewals, proxies, .... etc) It contiue work under VirtualBox machine, so it is not a problem of my internet provider, but it stops to connect from my machine:I can reach portal throgh browser (chrome), or curl on 443 port without problems...

BGP AS-Path allow

Hi All, I suspect the answer to this is in the Advanced Routing in PanOS 10. We have configured a new system as Active-Active and BGP. The firewalls are in different DCs, the DMZ side of the firewall can talk to routers in both DCs but only its local router on the WAN side. If one DC goes down, the other firewall with a less favourable route...

a.jones by L3 Networker
  • 3859 Views
  • 3 replies
  • 0 Likes

Allow traffic other than IPSec

Hi all, Site A Source Zone: test-DMZ Interface: ae 1 (172.16.1.1) Tunnel Interface is in internal-trust zone. Static route set to destination 10.10.10.1 I have an IPsec tunnel between 2 sites. However, i want to allow traffic from other sources to test-DMZ zone. How can i deploy policy that will allow me to communicate from test-DMZ to outs...

mike.07 by L1 Bithead
  • 1867 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks