General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Threat Vector, a Unit 42 Podcast, is Now on LIVEcommunity!

We have some exciting community news to share: Threat Vector, a Unit 42 podcast, is now on LIVEcommunity!

 

Threat Vector is your compass in the world of cyberthreats. Listen to this biweekly podcast to learn about unique threat intelligence, cutting

...

jforsythe by Community Team Member
  • 332 Views
  • 0 replies
  • 0 Likes

How and Why to Accept a Solution to Your Post

Did you know that you can help your fellow community members by accepting solutions when a reply answers your question. Accepted solutions are a super-helpful resource in the community, and we want to make sure our members understand how this feature

...

JayGolf_0-1691518400714.jpeg
JayGolf by Community Team Member
  • 3716 Views
  • 3 replies
  • 14 Likes

Resolved! log at session end?

I have around 500 policies having 'log at session end' enabled and 'log at session start' disabled. I know Palo recommends logging at session end only but I also have a concern that for eg. a malicious file export that lasts for 8 hours and 10gigs go

...

Resolved! IPv6 dual stack configurations.

Hello,

 

I want to achieve IPv6 dual stack configuration on PA-850.

 

What are the requirements for this type of configuration? 

 

For IPv4 traffic will hit to our IPv4 configured wan IP and for IPv6 traffic will hit to IPv6 configured wan IP.

 

Please enlig

...

Url filtering

When user asks for providing full access what categories needed to b allowed & Blocked in URL filtering ?

KashifSh by L1 Bithead
  • 2449 Views
  • 4 replies
  • 0 Likes

DP 100%

Hi Team,

 

We came across a situation that our DP had just gone high at a time point till 100%. I checked with the system files and found some crashes have attached the screenshot for your reference.

 

Also all the software status where running which i c

...

Device Config or Full Config

Hello ,

 

I need duplicate FW config...

 

What is your suggestion?

 

Should I import the full configuration file or the device state file?

 

What is the difference of upload full configuration file or the device state?

 

Regards

Alpalo by L4 Transporter
  • 2059 Views
  • 3 replies
  • 0 Likes

Configure Secondary ILL ISP

Hey, Guys, one of my customers wants to configure a secondary ISP he change his ISP and Now want to configure the NEW 

ILL(Internet Leased Line) ISP. to the same interface. I configure the Virtual route, NAT and added new ISP Ip but was not able to UP

...

Resolved! Invalid TACACS Logins from Outside

Just setup TACACS authentication using Cisco ISE as our TACACS server.  We can successfully login with our AD accounts, but when I look in the TACACS logs on ISE, I see a ton of "INVALID" attempts from external IPs.  Is the normal/expected?  Is there

...

Resolved! Log message

Hello there,

 I had received several log message " XDR service cyserver was stopped on Desktopxxx" although this devices have running cortex agent. What are the scenarios that this log message are generated and what are the cases that the cortex agent

...

Migrate Massives URL Category

Good Morning.

I would like to know if there is a way to migrate whitelists created locally from URL Category to Panorama and that these do not affect the policies already created.

Category URLs are many and I would like it to be fast and efficient.

Gree

...

Resolved! No valid GlobalProtect Subscription License warning

Dear Team,
 
I am receiving the below warning while committing,
 
Warning: Collect HIP Data in vsys (vsys1), GlobalProtect Portal (GP) -> Agent -> config (GP_A91) -> HIP Data Collection will not take effect due to no valid GlobalProtect Subscription Lice
...

VishnuPS by L3 Networker
  • 6236 Views
  • 2 replies
  • 0 Likes

Resolved! maximum number of bgp routes

hi,

is there a maximum number of bgp route entries supported for the 5000 series ? does it support a full ipv4 routing table ? i cannot find any docs or data sheets with this kind of limits detailed...

thanks

Error updating managed firewalls

When initiating a software update from Panorama to managed firewalls I get the error

“Failed binding local connection end”

So I followed the ms.log file and noticed this in the log

“2021-02-11 16:12:02.762 +0000 Deployment download using service route:

...

PA-220 HA - License Required?

I intend to purchase two new PA-220s in my company and want to set them up in a high available configuration in case one dies. Is there a license that's required? Sorry.. very new to PA and just trying to learn.

Jack45 by L1 Bithead
  • 3169 Views
  • 3 replies
  • 0 Likes

Alert for static route failure.

I have a PA 3220 with two static routes, the two routes have different AD, Path monitoring has been configured in first static route with premtion enabled, my query is that can we generate email alert for the primary route down and secondary route do

...

  • 24197 Posts
  • 100 Subscriptions
Top Liked Authors
Labels