This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4441 Views
  • 0 replies
  • 0 Likes

Resolved! Log Forwarding

I have setup Syslog forwarding from multiple firewalls to a log collector, but I cannot see any Syslog traffic in the logs. Does this traffic get logged by the firewall/Panorama, or is it allowed through without needing a firewall policy?

Panorama OS compatibility

Hi Team, I am planning to upgrade Panorama software version from 9.1.13 to 10.1.*. But the i am confused whether the Panorama with OS 10.1.* can manage PA3020 running on PAN OS 9.1.* and PA450 running on PAN OS 10.1. *?

Bijesh by L1 Bithead
  • 3308 Views
  • 2 replies
  • 0 Likes

High loads by scanner

Good afternoon. At 11:57:26 (9:57:26 GMT), there was a log entry which said this company was scanning our VPS. This made it unresponsive with extremely high load for us until I had restarted the HTTPD service. The traffic was also coming from a lot of different IP addresses all by Microsoft. Is this normal? Log entry:198.235.24.150 - - [14/Jun/2...

Resolved! MFA on the Palo Support Portal?

I saw the announcement that they were going to start requiring MFA for logging in on the Palo Alto websites and it mentions a code via email, however, I was already set up to use an authenticator app for this. When I went to log in today, it seems to be ignoring my account settings and doing the email code every time. I tried switching to the ...

jsalmans by L4 Transporter
  • 19608 Views
  • 13 replies
  • 0 Likes

Mapping problem of users (XMLAPI) authenticated in Clearpass

Hi team, The problem detected is that Palo Alto (PAN-OS 9.1.13-h3)computers register too many IPs for each user through XMLAPI (RADIUS-Clearpass origin). Usually a user is not connected to the WiFi network with more than 3 devices (work computer, personal phone and corporate phone), therefore is not associated with more than 3 IPs. In Palo Alto ...

Alpalo by L4 Transporter
  • 3521 Views
  • 2 replies
  • 0 Likes

advanced URL & URL4 license HA configurable check

Dear Team, I understand that the same license set is required to configure HA according to the content below.- The same model- The same PAN-OS version- The same type of interfaces- The same set of licenses Customers want to configure HA while introducing new equipment. However, the existing equipment is using the URL4 license, and the equipment ...

Resolved! SSL Decryption bug in PAN-OS 9.1.14

I recently upgraded from panos 9.1.13-h3 to 9.1.14 then SSL decryption stopped working, in the traffic monitor there wasn't any decryption error but when i excluded a PC the internet workedand it seams other people are also having the same issue (Reddit ), but its not in the known issue list until nowso i had to revert to the previous version an...

LAS by L2 Linker
  • 14866 Views
  • 22 replies
  • 0 Likes

Resolved! FQDN not working vs Resolved IP address

I created a new FQDN address object to facilitate a new Policy(rule). When tested the FQDN resolves internal to the Palo Alto Firewall.The rule contains one destination address which is the new company.fqdn.com FQDNThe rule contains one source addressApplication SSL with Application-Default ServiceAction Allow When attempts are made to connect ...

rockfort by L1 Bithead
  • 31933 Views
  • 6 replies
  • 0 Likes

PALO ALTO to AWS site to site VPN not established

Issue:PALO ALTO to AWS IPsec site to site VPN not able to established.SituationSince AWS will provide two VPN tunnel by default.One of the VPN tunnel is established using the same public IP of PALO ALTO while the other VPN tunnel not able to established. Here is the logs2022-05-24 12:55:40.905 +0800 [PNTF]: { 39: }: ====> PHASE-1 NEGOTIATION ...

Question for SaaS Security API and Inline

Hello, I am SE from Korea. Is there have one admin console for SaaS secure API and inline? I have both configured, but the console is different.(attached picture) However, Palo Alto Korea said, 'console has been integrated in one'. how can I configure?

CVEs that cannot be found in Palo Alto Advisories

Hi there, Does anyone know what does it mean generally for CVEs that cannot be found on Palo Alto Advisories?Does it mean Palo Alto is not affected or the advisories has yet to update? A few examples that cannot be found would be the following : CVE-2022-26377CVE-2022-28330CVE-2022-28614CVE-2022-28615CVE-2022-29404CVE-2022-31813CVE-2022-30556CVE...

L2 Extensions

Hello People , We have a situation where in a Site to Site IPSEC exists between Cisco ASA and PALO ALTO FW The LAN segment of the Network is behind Cisco ASA . Infact all of the VLANS are in this LAN Segment which is Behind Cisco ASA . The requirement is that Gateway for these VLANS will be the PALO ALTO FW So i need to know if it is possible...

Resolved! Your connection is not private (Privacy error)

i am going to access PA firewall on the browser or Global protect its shows Your connection is not private (Privacy error) then I m clicking on proceed to unsafe then it's showing the main page. how to resolve this. security certificate does not specifyProceed to (unsafe)

Resolved! Skype screensharing uses "u-meeting" app-id

Hi Guys, is it normal that Skype uses this u-meeting app-id every time user uses the screen sharing feature?I tried to block this app-id and the screen sharing stops working. Because I only allow app-ids listed on this article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRbCAK

RVizcarra by L4 Transporter
  • 3765 Views
  • 3 replies
  • 0 Likes

PBF with ECMP Issue

Hello, i have question about PBF Using ECMP.We have 3 ISP and using ECMP Setting with weight round robin and Symetric Return SettingsISP A > 200ISP B > 100ISP C > 50 NAT we set like thisAll User > ISP A Using PBF for some IP SegmentSegment A to ISP ASegment B to ISP BSegment C to ISP C But we have some problem link below : When we c...

  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks