General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 676 Views
  • 0 replies
  • 0 Likes

Issue starting user in partner portal

Hi Community,

 

I want to ask you for help! One of our sales Team agent, had an issue when she try to get inside her user portal.

 

The issue said "Single sing-on error".

 

Whe want to know how can fix this.

 

I apprecciate any help!.

 

Regards,

 

S

...

9f53feb7-ea4f-49f4-a328-a5a63fcd9cdc.PNG

What to monitor via Solarwinds

Hello -

Just looking to see what others monitor for on their Pano/Palo FW within Solarwinds. Is there like a general consensus (best practices) or is it all over the place depending on requirements.

PA3250 in No Rules/Allow All mode and Public IPs

We are currently testing out/learning with a new 3250 in no rules / allow all traffic mode flowing from ISP > Palo > Cisco ASA (Being Retired).

 

We have two public ips routed to two local static IPs and those have stopped working. Would a policy need

...

jpierce by L0 Member
  • 2105 Views
  • 2 replies
  • 0 Likes

strange behavior of bidirectional NAT

hello All,

 

Today I've spotted weird behavior:

 

We have 2 static bidirectional NAT translations between UNTRUST and DMZ interfaces for public IPs. Also we are allowing certain applications in for those public NATed IPs from any IP addresses using only

...

Resolved! Redistribution host address between protocols

Dear experts

 

I set a PA firewall as an ASBR, connects to a RIP and a OSPF area with eth1/1 and eth1/2 respectively. And created 2 loopback interfaces on PA, advertised them into RIP and OSPF respectively. Then I can reach them within RIP and OSPF are

...

DexinLi by L1 Bithead
  • 3452 Views
  • 4 replies
  • 0 Likes

Resolved! Accidentally Deactivate License

Hello we have PAN that license uploaded manually before, because a network issue that we cant get the dynamic update/retrive the license.

we think that the license problem, so we want to remove the license and then add again to the firewall. but we ch

...

Email Scheduler Not Working (Urgent Action Required)

Hi Team,

 

We've configured to schedule reports for email delivery on daily basis, It was working fine without any issues but last week we had restarted the Palo Alto firewall, Since from that day we're not getting custom report email.

 

When we check "s

...

Site to Site VPN failing when IKEv2 and different PANOS

Hello,

 

 I’ve recently ran into an issue where I’m using IKEv2 preferred and the two firewalls are using different versions of PAN-OS. It will fail with “invalid sig.”. If both firewalls are the same PAN-OS version (this has been happening on 9.1.11-9

...

COlson by L2 Linker
  • 3209 Views
  • 2 replies
  • 0 Likes

Session behavior when resource limit is reached.

Hi,

I have been checking my PA-2050 with PAN 4.0.3 and I realised about new command in sesion configuration. The exact command is:

set deviceconfig setting session resource-limit-behavior  with the options bypass and drop. Default option is drop.

I had

...

Resolved! Passive device aggregate interface down

I have the firewall 3220 model in the 9.1.11 version in HA mode.

I can see all the aggregate interface in passive firewall is showing down. i want to know is this expected behaviour or not because I checked the below KB for some mode it is expected be

...

Increase CPU on VM-series

Hello

As PAN-OS CLI is locked, I don't have the ability to run a script and increase the CPU of my VM-series instances in Azure VMS.

I'd like to test and demonstrate the scaling (IN/OUT) feature regarding CPU level (high/low).

 

Did someone knows a way/s

...

FatihT by L1 Bithead
  • 2168 Views
  • 1 replies
  • 0 Likes

Resolved! Full cone/Port Restricted/Restricted NAT

Hi all,

I need to make work a voip server behind my pa-3020. The server is using stun protocol and requires that nat is not symmetric.

I've tested a public stun server (for example stun.telbo.com on port 3478)  using pystun3 (a python tool to retrieve

...

N2Z2 by L2 Linker
  • 4688 Views
  • 3 replies
  • 0 Likes

Resolved! Dropbox uploaded files not determined correctly

Hello, after implementing SSL decryption we're trying to improve visibility and noticed that files to dropbox web aren't shown correctly

 

When downloading from the dropbox website, the file names are correctly shown, but when uploading the files are r

...

Megrretz by L1 Bithead
  • 2981 Views
  • 2 replies
  • 0 Likes

Query about EDL in an VSYS environment

Hi Folks, 

 

We had  5 vsys active on the firewall. We had configured separate EDL for each vsys.  My query is when we check the EDL Maximum capacity on the firewall will it show the Total EDL capacity utilized for 5 vsys capacity utilized by each vsys

...

  • 24118 Posts
  • 117 Subscriptions
Top Solution Authors
Top Liked Authors
Labels