General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! Unable to Deactivate PA - VM license through Panorama

Accidentally, while terminating PA VM in hosted in AWS, the license was not removed from the firewall. I am trying to deactivate the license through panorama but it is giving us an error. Also clicking on Complete manually gives us the same error as follows: Have followed this article here https://docs.paloaltonetworks.com/vm-series/9-1/vm-...

MicrosoftTeams-image (2).png

PAN platnium support

I have Platnium support with PAN and I opened a TAC case yesterday evening explicitly requesting TAC support Monday-Friday between 8am-5pm US EST. The case went to APAC TAC and he said that he is looking into the issue. I sent me an email to tell him that need "TAC support Monday-Friday between 8am-5pm EST". Got an email back from TAC that "I...

dtran by L4 Transporter
  • 4082 Views
  • 5 replies
  • 0 Likes

Resolved! Panorama settings - auth key issue

I have successfully on-boarded a FW to Panorama (both version 10.1.6-h3) using auth key. I've set a single use for key so now it disappeared as expected. Now I am trying to change Panorama settings (to disable auto recovery) and it won't allow me to click 'OK' button without auth key. Surely this is a bug? You don't have to re-authenticate FW...

santonic_0-1659699282812.png
santonic by L6 Presenter
  • 4195 Views
  • 1 replies
  • 0 Likes

Multiple unexpected failovers - need help understanding FW behavior

Hi all, We have two PA-3220 devices configured in Active-Passive mode (no preemption). Firmware version is 10.1.2. In the last three weeks we had three failover incidents that we are investigating (no device reboots though). We've opened a support case regarding this, however I'm here just to confirm if the explanation we've been given is corr...

Nielsen_0-1659673836438.png
Nielsen by L0 Member
  • 4821 Views
  • 2 replies
  • 0 Likes

Please help with log collectors and collector groups in Panorama mode!

Hello all! We have had a single Panorama appliance running in Panorama mode as a local log collector in its own collector group. Firewall logs are sent to Panorama, and all is working well. We now have procured a second Panorama appliance for HA. Hardware, disks etc., are all the same, and I've successfully set them up in HA, synced and healt...

ECMP Virtual Router restart question

Very quick question. We have set up another virtual router (currently running two with active users) and are trying to enable ECMP on the new virtual router. When we attempt to enable ECMP, a firewall message states that 'Enabling/Disabling ECMP and configuration changes require a virtual router restart. Existing sessions may be impacted.' ...

What exactly is the naming convention for Prisma Access?

We have Prisma Access ( Panorama Managed ) in our environment. Example of one of the compute locations is named as "europe-central-cranberry". Is this an SPN? And after certain bandwidth will be get a new SPN in europe central like "europe-central-xxx" so in total we will have two SPN in Europe Central Compute location? Will these names remain ...

Resolved! It appears as a blocked URL, but you can still access the page without decrypt

I want to block the page XDRAY.COM. In this case it is about XDRAY.COM https://ydray.com/ I have created a URL filtering profile and I have it applied in the security rule where it works ok, however, although in the url filtering monitor I see this session as block-url, the user can open this url Any idea why it may be failing? Attached are ...

Alpalo_0-1659431671536.png
Alpalo_1-1659431743545.png
Alpalo by L4 Transporter
  • 3707 Views
  • 2 replies
  • 0 Likes

Resolved! How in the hell do i open a support case?

I see no way of opening a support case... I called the tech support phone number, but it hangs up with me beacause I have no support case #... I didn't think customer service could actually get worse, but it has

jreed2 by L0 Member
  • 2433 Views
  • 1 replies
  • 0 Likes

FIPS-CC Security Functions- can you trust PAN documentation?

According to PAN documentation: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/certifications/fips-cc-security-functions MS-CHAPv2 is not compatible with FIPS-CC mode. It is recommended to use RADIUS with TLS. However, in my test with my PAN-820 in FIPs mode, it works perfectly with RADIUS PEAP with MSCHAP-v2. Can you even trus...

dtran by L4 Transporter
  • 2284 Views
  • 2 replies
  • 0 Likes

Wrong interface name on PA-410 stencils

Hi all, I'm in the process of rolling out several PA-410 to a customers locations. I am creating detailed documentation, since there is a third party that will do the physical install. In the process I found Visio stencils here: https://www.paloaltonetworks.com/company/press-kit.html On the Visio stencil, the ports on a PA-410 are marked (from...

Skodbo by L0 Member
  • 2269 Views
  • 1 replies
  • 0 Likes

Incorrect object displayed on PA-5220 during Tunnel negotiation.

This is a slightly confusing issue that I am facing so please bare with me with regards to the explanation. We have a PA-5220 configured with multiple IPSec Tunnels connecting to community sites, the community sites have either a PA-220 or PA-440 on the other end. Recently when setting up a new IPSec Tunnel (Southmead_Health) we noticed one of...

JoeJohnson_1-1658996869364.png

Are logs lost when log discarded (queue full) increases?

Hi everyone I changed last week from pa-3020 to pa-3220.However, the log looks abnormal (7-8 minutes delay).Looking at the log-receiver status with the command below, log discarded (queue full) is continuously increasing.Does this mean log loss?How can I solve this? admin@PA-3220(active)> debug log-receiver statistics Logging statistics--...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels