This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4468 Views
  • 0 replies
  • 0 Likes

Resolved! about Password complexity configuration

Hello, I configured required password change period and post login count in password complexity on my firewall. If admin login in post login count stage after required password change period expire How can admin recognize expiration of his account password? Thanks. Best regards.

hbshin by L2 Linker
  • 3831 Views
  • 2 replies
  • 0 Likes

SSL Connect Error on SMTPS Settings

We have problem with SMTPS configuration on Palo alto Firewall so we have the SMTPS Certificate and already inject to the firewall Our users says that the certificate is the certificate CA and when we test the email connection, the firewall shows error 'SSL Connect Error', we try on port 465 and using TLS 1.2 We have another brand network devi...

Resolved! PA-3410 : STP Block cannot be created

Hello all, We have a PA-3050 configured with V-wire and are operating as STP Block on the uplink of Backbone_B. We are going to replace PA-3050 with a new construction firewall, PA-3410. STP block is not generated in the in-house LAB before deployment, and disconnect occurs during communication.Has anyone experienced this before?   Thanks,

스크린샷 2022-09-26 오전 10.20.49.png

Related to Paloalto VM instance type change

Dear Team, I have a question while testing. If I'm wrong, anyone please feel free to leave a comment. 1. Check if an issue occurs in the service traffic processing part when changing the instance type> Since there is no change in the settings, traffic processing is normal, but the throughput changes depending on the instance.> ex) m5...

Resolved! PA-3410 Spanning tree cannot be generated

Hello all,We have a PA-3050 configured with V-wire and are operating as STP Block on the uplink of Backbone_B. We are going to replace PA-3050 with new construction equipment, PA-3410. STP blocks are not generated in the in-house LAB before deployment, and disconnect occurs during communication.  In conclusion, the issue has been resolved. 

1....

스크린샷 2022-09-26 오후 1.17.26.png

WSL and SSL decryption

Hi guys. We have a number of developers that use Windows Subsystem for Linux (WSL) on their Windows clients, and there are a lot of URLs and services that will not work when we decrypt the traffic. Managing a decryption exclude list for them would be a major pain, so I am thinking of ways to fix this. Is there any way to separate WSL sessions fr...

MD-OTL by L0 Member
  • 4038 Views
  • 2 replies
  • 0 Likes

PA-5250 Migration to Virtual Appliance and EoL Status

Hello I'm interested in the Palo Alto virtual or VM-series appliance that would be broadly equivalent to the PA-5250. I realise the product selection is best made based on requirements such as sessions security rules, dynamic ip addresses, security zones, ipsec vpn tunnels but that information is not available just yet. What I can say is tha...

Redman by L1 Bithead
  • 3512 Views
  • 2 replies
  • 0 Likes

DNS proxy errors

We are using PANOS 9.1 and latest DNS security. Any thoughts on these errors from proxy log? 172.16.1.1 and 172.16.1.3 are Microsoft AD DNS servers.Can these be effecting performance of traffic? 2020-02-17 08:30:23.583 +1100 Error: pan_dnsproxy_recv_server_udp_cb(pan_dnsproxy_udp.c:222): [udp]: fd 48 from 172.16.1.1 to 0.0.0.0 process server fa...

Resolved! Pan-OS database

Hi guys, greetings. On of my customers asked me a simple question about palo alto database. How does it work internally? Is there any SQL database internal on PAN-OS? Should it be accessed by any external factor like APIs os something like that?

IPSEC tunnel not working post HA failover

Hello Friends, We have Palo Alto firewalls (various models like 3050, 5220 and 3220) which are in HA (active-passive mode). IPSEC tunnels are working fine when traffic is on active gateway. The issue is, when we failover traffic on passive gateway, internet works fine but my tunnel resources becomes unreachable. When i checked tunnel status on ...

HA Interfaces failover triggers

Hi All, We currently have a pair of PA-5250 firewalls configured in active/passive. We have 4 port channel groups configured with the condition set to 'all'. The question i have is we are using eth1/1 & eth1/2 as HA interfaces if one of these goes down will the firewalls failover? Also is it possible to stop a interface from causing a ...

ElliotM by L2 Linker
  • 6315 Views
  • 4 replies
  • 0 Likes

Resolved! GlobalProtect Local LAN Printing

I have GlobalProtect running for machines when they are off the network. Is there anything that I need to setup that would allow them to be able to print to their local LANs even though the agent is connected back to the FW? I am currently testing this right now, but users most definitely will need to print when not in the office, so I am hopi...

ccaruso by L0 Member
  • 11392 Views
  • 2 replies
  • 0 Likes

Resolved! Is Installing Application and threats from file possible without a license for PA-820?

Hi Community, I have a spare firewall PA-820 that I need to upgrade from 10.1.6-h3 to 10.2.0 but it returns an error asking me to update the content version. Please see picture below:  But when I try to upload the content version, it asks me for a license.   I remember doing the same procedure last year without the device requesting a license....

Screenshot 2022-09-20 102653.png
Screenshot 2022-09-20 102840.png
Rachid5 by L0 Member
  • 3221 Views
  • 2 replies
  • 0 Likes
  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks