This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4223 Views
  • 0 replies
  • 0 Likes

Palo alto 220 Disk issue

We have PA 220 at few of our site. Multiple times a day it's getting "Disk usage for / exceeds limit, 97 percent in use, cleaning filesystem" Sometime it goes to non-functional state because auto disk cleanup won't work and it will fill out 100%. I have opened case with support but they were not helpful gave me KB: https://knowledgebase.paloalto...

hpatel11 by L2 Linker
  • 3618 Views
  • 3 replies
  • 0 Likes

Outside WAN port staying red on backup PA-850 when failing over from active - services do not work

Hi All, Having a strange issue. I have a cluster of PA-850's in HA. Last night I failed over my active PA-850 to the standby 850. What happened is the backup 850 became active, and the inside and DMZ ports went green, but the outside port Eth1/1 stayed red. As such, services did not work, and I had to fail back to the primary. Has anyone e...

RTCP issue for matching policy

Hi, We are having a issue with RTCP traffic. The RTCP traffic is jumping the rule configured for this and matching the last rule (bypass). The filter for the correct rule is application rtcp. We see that the application is identified but sometime is matching the correct and most of the times the last rule. I attach the screenshots with the...

BigPalo by L4 Transporter
  • 6084 Views
  • 7 replies
  • 0 Likes

Resolved! interface-management-profile - CLI

Hello When I am configuring sub-interface (or interface) with CLI from Panorama as : set template [name] config network interface ethernet ethernet1/x layer3 interface-management-profile [Profile] units ethernet1/x.x comment [comment] tag [xx] ip [xx.xx.xx.xx/xx] All is working fine excepting the management profile that is not taken in acc...

Active/Active failover triggers for multiple Vwire?

Hello, I've been looking for some time docs which closely describe PA Active/Active setup for only Vwire interface mode (multiple defined Vwire's), especially failover triggers like a link or path monitoring, but no luck. I decided to start with this discussion in order to clarify some unclear questions myself, so let me briefly describe the f...

Tician by L1 Bithead
  • 2657 Views
  • 2 replies
  • 0 Likes

GlobalProtect stops to connect

Hi all,GlobalProtect stopped to connect to server. So it works before ( I did not install any new software, firewals, proxies, .... etc) It contiue work under VirtualBox machine, so it is not a problem of my internet provider, but it stops to connect from my machine:I can reach portal throgh browser (chrome), or curl on 443 port without problems...

BGP AS-Path allow

Hi All, I suspect the answer to this is in the Advanced Routing in PanOS 10. We have configured a new system as Active-Active and BGP. The firewalls are in different DCs, the DMZ side of the firewall can talk to routers in both DCs but only its local router on the WAN side. If one DC goes down, the other firewall with a less favourable route...

a.jones by L3 Networker
  • 3919 Views
  • 3 replies
  • 0 Likes

Allow traffic other than IPSec

Hi all, Site A Source Zone: test-DMZ Interface: ae 1 (172.16.1.1) Tunnel Interface is in internal-trust zone. Static route set to destination 10.10.10.1 I have an IPsec tunnel between 2 sites. However, i want to allow traffic from other sources to test-DMZ zone. How can i deploy policy that will allow me to communicate from test-DMZ to outs...

mike.07 by L1 Bithead
  • 1896 Views
  • 2 replies
  • 0 Likes

How to whitelist specific URL with path included.

I want to whitelist a specific URL with path. Eg: https://live.paloaltonetworks.com/t5/forums/postpage/board-id/members_discuss I tried adding it the same as it is in URL category and created the following rule: Source: Ip of source Destination: ANY Port: https Service/URL category: above mentioned URL ( https://live.paloaltonetworks.com/t5/foru...

Amey05 by L0 Member
  • 2825 Views
  • 1 replies
  • 0 Likes

Active-Active Firewall - BGP failure condition

Hi All, How can I instigate a firewall failover for an Active-Active firewall if BGP fails? I feel I need a full failover but please tell me if I am wrong. Here is the situation: Firewall in Active-Active mode, HA1,2 and 3 up. BGP peering on outside and inside interface. 1 BGP peer on outside to local cpe. Inside peers to local cpe and remot...

a.jones by L3 Networker
  • 2224 Views
  • 1 replies
  • 0 Likes

Unable to Login After Factory Reset

Hello Community, I have just carried out a factory reset. However, now I'm not able login with the admin-admin login/password. I'm presented with the prompt: PA-HDF login: I read I should wait for the prompt: PA-500 login: However, the PA keeps on rebooting into PA-HDF login: and the admin/admin login password won't work. Any he...

reset qos application statistics

Hi all, I was wandering if there's a way, under network -> qos ->statistics, to reset the application list of an interface. These list are never refresched and contain applications that are no more seen. So I really would like a fresh start in order to understand which applications are matching a certain QoS profile. Hope I was clear...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks