General Topics

Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Welcome to the General Topics Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

 

Rules and Best Practices

 

  1. Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion
...

JayGolf by Community Team Member
  • 776 Views
  • 0 replies
  • 0 Likes

Scheduled Log Export based on custom queries

Is there any option to schedule custom traffic reports based on custom queries and to get it exported automatically .?

Currently, we are exporting the traffic logs manually from  Monitor > Logs >Traffic and pasting the queries ( some of the sample que

...

Resolved! 10.1.4 HA config sync problems with certificates

I don't know if this is a 10.1.4 bug or by design but I have a pair of PA460's in HA with config sync enabled.

 

1. Firewall won't sync a certificate with a private key to the other firewall.  It syncs the root CA only.

2. I can't sync any SSL/TLS servi

...

Global connection issues with Wildfire EU Cloud?

Somebody else has same issue with Wildfire EU Cloud?

System Log full of "wildfire-conn-failed" events and in traffic log can see corresponding connection issues with 154.59.126.51, packets received = 0, therefore application "incomplete". Normally it

...

Anon1 by L4 Transporter
  • 5836 Views
  • 9 replies
  • 0 Likes

UID Redistribution SSL Errors

Hoping someone else has run into this.  I have been implementing UID redistribution in our PAN environment.  I've stumbled across a few firewalls that will not establish a connection on port 5007, once the UID service is moved off of the default Mgmt

...

Resolved! Inconsistent policy action on the same traffic flow

Hello,

 

I do have a connection flow for Microsoft Teams direct routing domain sip-all.pstnhub.microsoft.com where I do have a NAT rule and a security rules for bidirectional traffic with the Microsoft domain from our DMZ. The issue is that the firewal

...

bambox by L1 Bithead
  • 3307 Views
  • 3 replies
  • 0 Likes

Inter-working of PBF and DHCP Relay

Hi All,

 

I have a query regarding DHCP Relay working with Policy based forwarding.

 

We have a setup where DHCP relay is configured on firewall and DHCP server is in remote location reached via IPsec tunnel. We have 2 IPsec tunnels configured (tunne

...

Web Application intermittently having a performance issue

From the tcp dump at the server end, I am seeing a lot of traces on TCP Dup ACK, retransmission and out of order being flag out at the pcap file

 

 

 

 

The connection made is via VPN client to the Web Application server. Tried few scenario where we acces

...

afifdin_0-1618935667620.png
afifdin_1-1618935712790.png
afifdin_2-1618935811755.png
afifdin by L0 Member
  • 4396 Views
  • 3 replies
  • 0 Likes

Policy Commit Failed

I am trying to push a template stack to FW, the same one is pushed to a lot other FWs but here i get this error 

 

. In virtual-router vr1, OSPFv2 is not supported on unnumbered interface ethernet1/1 in area 0.0.0.0.
. In virtual-router vr1, OSPFv2 is n

...

Resolved! Error No valid URL filtering license

Hi All,

 

Recently license has been renewed and part of the renewal was change to "Advanced URL Filtering". I got the error whenever commit a change. 

But looking at the licenses section I can see PAN-DB URL Filtering listed as expired. Any step to fix

...

isentric89_0-1645597092589.png

Resolved! QoS - show drops in web view

Hi there,

 

where can I find the packet drops of an interface in the PA web frontend, I wanna monitor the QoS function, without the use of ssh command line tool.

Netzer by L3 Networker
  • 2466 Views
  • 2 replies
  • 0 Likes

URL allow list for some of the subdomains

Hi all

 

I want to limit the user to access the company's sharepoint only, but not other sharepoint from other tenant or even the sharepoint from personal account. Then I found the below KB (section 6) and show how to use allow list in the URL filterin

...

alextsa by L1 Bithead
  • 7856 Views
  • 8 replies
  • 0 Likes
  • 23985 Posts
  • 115 Subscriptions
Top Solution Authors
Top Liked Authors
Labels