This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire

Virtual Wire transition default config ( Tag Allowed ) to layer 2 subinterfaces - Virtual Wire Good afternoon, first of all thanks for the support, help and collaboration. Currently there is a scenario where there are two Virtual Wire interfaces, which to filter only the VLAN-TAG, there is the Tag Allowed option where there are the following VLA...

Metgatz by L4 Transporter
  • 2354 Views
  • 1 replies
  • 0 Likes

MFA - LDAP ( Active Directory ) Radius/Tacacs+ Internal Resource Access

MFA - LDAP ( Active Directory ) Radius/Tacacs+ Internal Resource AccessHello good afternoon, thank you very much for the constant cooperation, for the excellent will and for the help and support.Dear all, what is the best strategy for a simple way to use a MFA for access to certain resources of the internal network. Example what you are looking ...

Metgatz by L4 Transporter
  • 2772 Views
  • 1 replies
  • 0 Likes

Error when commit

Hello, I get this error message when I try to commit after making a change. Change is just a different IP for syslog server. ANy idea why?

palo error.png

GP on Windows 11 - client certificate issue

Our customer is having issues with GP 5.2.10-6 on Windows 11. They are using client certificates for authentication and after a while a connection fails due to no client certificate present. If we check MMC the certificate is present, valid and has private key. But GP logs say:(P9292-T12792)Error(2290): 05/23/22 07:03:00:014 error = ERROR_WINHTT...

santonic by L6 Presenter
  • 8161 Views
  • 4 replies
  • 0 Likes

Resolved! Agentless User-ID not reading Security Log on AD

I'm pretty new to PA so there may be something obvious that I have missed.The issue I am having is trying to get the Agentless User-ID connecting and reading Security Logs from AD. All the users are coming up as Unknown: show user ip-user-mapping all IP Vsys From User IdleTimeout(s) MaxTimeout(s...

stuart.l by L2 Linker
  • 6651 Views
  • 5 replies
  • 0 Likes

We need a static Nat from one source to a single outside IP using multiple Ports to translate to multiple inside private IPS with same source

We need to create a Policy to allow traffic in from a partner that needs to monitor Our Servers.Outside IP will be one say xx.xx.xx.5 they need to hit 10 diffrent servers on the inside of our network 192.168.1.101-110 THey want to send traffic to 21001 - 21002 and have it changed to 5666 on the inside. i have tried about everythign I can thi...

No Response from the support team

Are you experiencing no response from the support team? I have a critical issue where my firewall is down for more than 24 hours, call multiple times, post messages multiple times but no response and or call back for a mission critical 4 hour support.

Resolved! Tags text box not visible

I'm running PAN-OS 10.0.7 and for the past few days I've noticed the TAGS text box isn't rendering correctly in the web UI. This is a trend among other IT staff, and seems to be common to Chromium-based browsers. My primary browser is Edge 99.0.1150.36. I tried in FireFox 97.0 and the TAGS box renders as expected, but other content does not (I d...

textbox.jpg
tlpitch by L0 Member
  • 9780 Views
  • 9 replies
  • 0 Likes

Resolved! noreply mail not arriving

Hi all,I have a collaborator that is trying to change his password, but when he clicks on "forgot password" link, the portal says the mail is delivered, but he doesn't receive any mail from the "noreply@paloaltonetworks.com".When i do a message trace in 365 Exchange, there's no mail from Palo Alto to the mail desired.I'm sure the mail address is...

Guide for troubleshooting Nats security policies

Looking to see if there is a troubleshooting guide for NATS and for Security Policy rules. Searching has turned up various hits here and there, but not something comprehensive as what cisco has on their site for their docs. Am I just looking in the wrong place? Any other PA sites that have good info besides these boards?

Support portal login error

When I tried to log in to the support portal, getting the below error, earlier I used to login into the portal.UnAuthorized AccessYour membership has expired or has not been approved, please contact Palo Alto Networks Support. my name : Arumugasamyemail : swami@gbmme.comBahrain00973 39063271

Change HA pair from Active/passive to Active Active

Hi All, I will be changing one pair of our firewalls from an active/passive pair to an active/active pair. Whilst confident of what is needed and the process I need to take, has anyone ever gone through this process? Was it problematic, time consuming, any gotchas I should know about? Regards Adrian

a.jones by L3 Networker
  • 9541 Views
  • 3 replies
  • 0 Likes

PBF Issue

Hello, i have palo alto with 2 ISP(A and B) and 1 internal connectioni enabled the ECMP + simetric return and ecmp setting IP Modulo.my goal is, force 1 IP segment to ISP B to go to the internet i already setting in PBF, using enforce return simetric but in the the traffic monitor, the user show incomplete application. i assume that it go into I...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks