This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Resolved! Is there entry limit when resolving FQDN?

When I tried resolve the FQDN, abc.com, and it shows 4 IP address of 54.192.150.W, 54.192.150.X, 54.192.150.Y, 54.192.150.Z use this address ipv6 not resolved. After I performed 'request system fqdn refresh force yes’ The resolve FQDN shows another 4 IP address of 13.33.33.W 13.33.33.X use this address 13.33...

Wenwei_Y by L0 Member
  • 5385 Views
  • 3 replies
  • 0 Likes

device template stack values staying in overide mode, shared template values not passing through on template stack

hello, anyone ever have this following issue. on some of our template stacks the shared template values are not passing through to the template stack. in the template stack some values come through from the device template but the shared template (which is delow in order the device template stack) values do not come through but only on some fiel...

miguelMA by L2 Linker
  • 2393 Views
  • 2 replies
  • 0 Likes

Resolved! vsys1 - User-ID Hub

Hello - Can someone explain the difference between "vsys1 - User-ID Hub" and another of my palo's that just has "vsys1"?

Panorama showing incorrect device IP

Morning all. We are onboarding 90 or so pa410 firewalls and did our initial config and update with ZTP, at which point panorama showed the managed devices as their DHCP address on a /24 I gave them. we are now using the dedicated WAN interface for services and mgmt, these remove branches only have a single handoff. In device summary the device...

smartz by L0 Member
  • 3221 Views
  • 2 replies
  • 0 Likes

Quick AP ID related question google-docs

Just looking of for clarification around google-docs app IDs. If I allow the google-docs container ID in a policy\app group...I'm essentially including ALL the child apps contained within.... correct. ??? No need to explicitly specify the child apps ??? ie.... google-docs-base google-docs-uploading google-docs-editing etc etc Appreciat...

Are Virtual Routers required?

I am working with a customer whereby the requirements are to split different traffic by different interfaces. Its an internal firewall and will not route internet traffic 1x Interface for East/West/North/South traffic 1x Interface for communications to Panorama 1x Interface for any communication to internet targets the firewall needs(NTP/Licen...

Nhussain by L1 Bithead
  • 3150 Views
  • 3 replies
  • 0 Likes

How Do I Actually Get Support From Palo Alto?

So I purchased premium support for my device but when I go to the website to create a support ticket, I get to a point where the ticket is blocked by a window telling me that I am being redirected to the live community. If I click continue a new tab opens to to this site. If I click cancel they close my ticket. There is no way to go back to the ...

Radius Accounting

Is there a way to configure the boxes to act as a NAS by sending a Radius Server (like Freeradius) accounting information? I am particularly interested on the session start and session stop attributes. I am about to provide Globalprotect VPN access to a community of users and need to account the resource use in the same Radius server where the a...

Error while disabling tunnel.

Hi All,We are running PA with firmware 9.0.4 Getting errors while "disabling" not required/unsed IPSec tunnel. Error: tunnel interface tunnel.50 encap interface is not set.Error: parse tunnel member failed.Error: error parse qos tunnel groupError: error parse tunnel-traffic group listError: alloc obj iterator failedError: QoS configuration error...

Jimmy20 by L2 Linker
  • 6535 Views
  • 3 replies
  • 0 Likes

Rules from One Zone to another Zone

Hello All, from the GUI i can get all the security policies from one zone to another, However, from the CLI, is there a way? for example : i need all the policies from Orange_Zone to Free- App_Zone "Orange to DEVDB11-1; index: 1333" {from Orange_Zone;source 172.24.x.x/24;source-region none;to Free-App_Zone;destination 172.24.x.x;destinatio...

User-ID Agent

Hello! I have a Palo Alto with version 9.1.5 installed and I want to install a User-ID Agent, which version can I install?

Rate increase in flow_ipv6_disabled

Hi All, Is there any way to check which source of this flow_ipv6_disabled? Our monitoring tool keeps on alerting us due to these parse packet drops. When I run the command below, I don't see any logs on Palo Alto's monitor. debug dataplane packet-diag set log counter flow_ipv6_disabled Thank you in advance.

mudvayne15_0-1661210191059.png
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks