This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4441 Views
  • 0 replies
  • 0 Likes

What exactly is the naming convention for Prisma Access?

We have Prisma Access ( Panorama Managed ) in our environment. Example of one of the compute locations is named as "europe-central-cranberry". Is this an SPN? And after certain bandwidth will be get a new SPN in europe central like "europe-central-xxx" so in total we will have two SPN in Europe Central Compute location? Will these names remain ...

Resolved! It appears as a blocked URL, but you can still access the page without decrypt

I want to block the page XDRAY.COM. In this case it is about XDRAY.COM https://ydray.com/ I have created a URL filtering profile and I have it applied in the security rule where it works ok, however, although in the url filtering monitor I see this session as block-url, the user can open this url Any idea why it may be failing? Attached are ...

Alpalo_0-1659431671536.png
Alpalo_1-1659431743545.png
Alpalo by L4 Transporter
  • 3672 Views
  • 2 replies
  • 0 Likes

Resolved! How in the hell do i open a support case?

I see no way of opening a support case... I called the tech support phone number, but it hangs up with me beacause I have no support case #... I didn't think customer service could actually get worse, but it has

jreed2 by L0 Member
  • 2401 Views
  • 1 replies
  • 0 Likes

FIPS-CC Security Functions- can you trust PAN documentation?

According to PAN documentation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/certifications/fips-cc-security-functions MS-CHAPv2 is not compatible with FIPS-CC mode. It is recommended to use RADIUS with TLS. However, in my test with my PAN-820 in FIPs mode, it works perfectly with RADIUS PEAP with MSCHAP-v2. Can you even trus...

dtran by L4 Transporter
  • 2261 Views
  • 2 replies
  • 0 Likes

Wrong interface name on PA-410 stencils

Hi all, I'm in the process of rolling out several PA-410 to a customers locations. I am creating detailed documentation, since there is a third party that will do the physical install. In the process I found Visio stencils here: https://www.paloaltonetworks.com/company/press-kit.html On the Visio stencil, the ports on a PA-410 are marked (from...

Skodbo by L0 Member
  • 2245 Views
  • 1 replies
  • 0 Likes

Incorrect object displayed on PA-5220 during Tunnel negotiation.

This is a slightly confusing issue that I am facing so please bare with me with regards to the explanation. We have a PA-5220 configured with multiple IPSec Tunnels connecting to community sites, the community sites have either a PA-220 or PA-440 on the other end. Recently when setting up a new IPSec Tunnel (Southmead_Health) we noticed one of...

JoeJohnson_1-1658996869364.png

Are logs lost when log discarded (queue full) increases?

Hi everyone I changed last week from pa-3020 to pa-3220.However, the log looks abnormal (7-8 minutes delay).Looking at the log-receiver status with the command below, log discarded (queue full) is continuously increasing.Does this mean log loss?How can I solve this? admin@PA-3220(active)> debug log-receiver statistics Logging statistics--...

Resolved! Disable Local Account when NAC is reachable

Is there a way to disable the local account when an external authentication method is reachable? Only being able to log into the local account if it cant reach the external authentication server?

Claw4609 by L5 Sessionator
  • 2507 Views
  • 1 replies
  • 0 Likes

I'm having a problem with PXE Boot.

We are having issues with our new Palo Alto 2050. We are using a DHCP server in 2050 with a PXE to iSCSI system. Use another firewall/router with the built-in DHCP server - the system works fine.

Premium Support client but password reset links don’t work and can’t open a case

Tried calling TAC and they refuse to open a case. I can’t access support portal as the admin for my accounts so I reset my password. Links I receive by email to reset password don’t work. Other person in my org has same problem with their account. I set up this account to access live community from my phone but using Chrome on Win 10 I can’...

rburke1 by L0 Member
  • 2411 Views
  • 2 replies
  • 0 Likes

HA2 Question

If HA1 is going through switches, can HSCI still be used or should HA2 be used? The firewalls are racked next to each other.

AWS S2S VPNs not re-establishing?

Having issues with a fair amount of AWS VPN tunnels that will go down due to path or ISP issues but they don't come back up unless I manually bounce them on the PAN side. Configuration is standard with DPD set to 10/2 and using PBF monitoring the far ends of the tunnels. So I will see the tunnels go down and they show down in AWS but they DO ...

drewdown by L4 Transporter
  • 3178 Views
  • 1 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks