This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Application and services in security policy rules

Hi I have a question, Following rule, Application allowed- DNS,SSL,WEB-Browsing Service allowed - TCP port 22 I understand DNS, SSL and Web-browsing would be allowed on port 22, but my question is SSH traffic would be allowed by this rule as I am allowing port-22 via service.? Also My second question, would DNS traffic be allowed on its sta...

jatinsingh06_1-1654734297058.png

Resolved! High dataplane CPU

Last few days we have been experiencing high dp-cpu on all NPC simultaneously, specifically with flow_ctrl. The flow_ctrl process typically shows 3-10% CPU, but all of a sudden all NPC "DP slot x, dp 0 and 1" simultaneously jump to 30..50...80...100% and maintain that for 30-60 minutes, during which the firewall is basically down. Overall load i...

Panorama-shared objects

I am just setting up a panorama with 25 managed firewalls.How can I have shared objects that are only shared between few firewalls but not all? My perimneter firewalls have huge number of objects which I would not like sharing with other remote firewalls but to some datacenter firewalls. how can I achieve this? Thanks.

Resolved! SSL Cert replacement PA-VM

I need to replace an SSL certificate for 443 device access, but it isn't in the certificate list.Whereabouts in the GUI do I find it? Thanks.

Split Tunnel with Global Protect and cannot get to internet

Hello,I have setup GP VPN and all works well. I can connect and everything works as needed.The problem is when I check off No Direct Access to local Network the internet is not available and I can still access my local network?We are using a PA-3200 with software version of 10.1.5-h1 with FP Agent 5.2.9.I have searched and tried different things...

thoffman by L2 Linker
  • 2894 Views
  • 3 replies
  • 0 Likes

Paloalto Support Potral issue

Hi,I am facing an issue with when login support portal.I have configured 2FA Methods to use Email, but it seems too slow to receive email.The occurs page expired after I fill in the code.I would like to change 2FA Methods to google auth,Is there anyone who can help with this?

how does Support Portal 2FA cancel?

Get email authentication when logging in to the support site But I don't get an authentication mail. Is the account locked because of too many attempts?Does anyone know how to change or cancel 2FA settings?

qmso475 by L3 Networker
  • 2717 Views
  • 2 replies
  • 0 Likes

Resolved! Windows Server PAN terminal server agent random port

On Windows Server 2016, with the "PAN terminal server agent" service we have exactly the problem described here:https://docs.microsoft.com/en-us/answers/questions/154579/listening-port-is-being-replaced-automatically-by.html Simply if the service is started it has this behavior, any port reserving test has not worked. Does anyone know of a solut...

DUAL ISP and PFB with single or multiple Virtual Routers

Hello Palo Alto Community! I am reaching out because I am stuck and a bit confused about what I've seen online when it comes to configuring dual ISP and PFB (which that part I understand) but when configuring the Virtual Routers section. Some only create a single VR with both ISP and their next hops and others create their ISP each VRs and then ...

FreddyC by L1 Bithead
  • 5961 Views
  • 1 replies
  • 0 Likes

Resolved! Geolocation Region EU allowed bust Spain is denied

Hi we use the region as source adress in policies.We allowed region EU but traffic from Spain was blocked. We had to add ES (Spain) to the allowed regions.What am i missing? Spain should match the EU region. Any ideas? If i enter the ip that was blocked in CLI with the "show location ip" command it shows Spain.What does the EU region match? Do i...

kbe by L3 Networker
  • 8426 Views
  • 6 replies
  • 0 Likes

Global Protect Notification

Hi Folks, We are getting the below notification in the Global protect application. Is there any way to disable this notification. Is this message implies any error related to the connectivity issue of Global Protect portal. Error Message : “ You have xx seconds remaining to login and reconnect global protect”. Thanks in advance.

Resolved! How to Consolidate Multi vSys System into a Single vSys?

We have a multivsys system with extensive configuration in which we have been asked to consolidate into a single vsys. I have worked in Expedition, uploading two configuration and manually moving things over. I have tried load merging the configuation and only copying the vsys information into a single vsys. All met with varying level of success...

blwavg by L2 Linker
  • 8549 Views
  • 7 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks