This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Can't HTTPS to PA 200 from my MacBook?

So, I have my PA 200 factory reset, from my work computer (Windows) I am able to https to it using IE, from my MacBook (Monterey) no matter which browser I use I just get the security error about the cert on the PA. No options to just 'continue anyway' Only thing that sort of works is Safari, I get a partial login page, just a box for name and ...

Is it possible to use RSA MFA for admin console authentication?

We have standardized on RSA SecurID for MFA for GlobalProtect VPN MFA, and locking down our internal network assets. I was asked if it is possible to use RSA SecurID MFA for secondary verification for admin accounts logging into our PA-820. I believe it is, but want to confirm. Is anyone doing this on their firewalls? I tried setting the Authent...

fpascal4 by L0 Member
  • 2528 Views
  • 1 replies
  • 0 Likes

Resolved! Posting a knowledge base question?

So, through some troubleshooting we learned a few things about the new 10.1 feature "Registration Auth Keys". I wanted to post a question/answer to the Knowledge base so others could benefit from it, but when I login to the Knowledge base it takes me to the CSP now - and I can't find a way to post a new question. All it does is list previously...

rolinger by L2 Linker
  • 4398 Views
  • 2 replies
  • 0 Likes

Resolved! PA multicast with Cisco

Hello,We are having a multicast problem with our PA. It is an informacast application that needs to use multicast. Our server is in the data center on Nexus. We saw that Multicast FIB on the Palo Alto FW was not being created.We saw that multicast packets coming from the source to multicast group were not being marked with an egress interface,...

kenhagen by L0 Member
  • 3413 Views
  • 1 replies
  • 0 Likes

PANorama won't see 5250 connected on "Managed Devices"

We have 5250s we're trying to integrate to PANorama. Both are not in the same geographical location, but are able to communicate with each other. PANorama can ping the 5250. 5250 can ping PANorama, and SSH to PANorama possible from 5250. Connection between the two has all ports and protocols allowed. TAC discovered TLS alert 21, and we aren't su...

WilderG by L0 Member
  • 1820 Views
  • 1 replies
  • 0 Likes

Need SCP Software recommendation for Panorama Backup

Hi All, I need SCP Software recommendation for Panorama Backup, am currently using Solarwinds SFTP/SCP Server and am unable to get this to work, keeps throwing the following error. "SCP EXPORT ERROR EXEC REQUEST FAILED ON CHANNEL 0 :" Thanks

sokonta by L2 Linker
  • 3569 Views
  • 2 replies
  • 0 Likes

ARP table By SNMP

Hi, Any idea How I get ARP table from Palo Alto Firewalls (PA-200, PA-500 and PA-3020) by SNMP? Did try BRIDGE-MIB::dot1dTpFdbTable but gave me NULL resualts Mike Alani

Log/syslog forwarding to Microsoft Azure/Sentinel

Entire company uses log analytics and Sentinel for logging. Found this excellent article below on how to accomplish this task.https://davicruz.com/en-US/azure-sentinel/2021/03/rsyslog-sentinel-log-forwarder Has anyone done this before? I have stand-alone PA's that are now dumping sylog to Splunk.Splunk is being replaced with log analytics. Th...

Resolved! APP ID impact

Can some one answer this? A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified byApp-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, whichwill be de...

BNSRIKAR by L1 Bithead
  • 5921 Views
  • 3 replies
  • 0 Likes

TCP 3 way handshake success (telnet) but data doesnt flow through

InformationSource : 10.1.1.1Destination (example) 202.181.200.188Destination Port : 8443Client is running on port based firewall Issue (Technical not an issue just the firewall behavior) :3 way hand shake success which mean telnet port 8443 is success but the actual data doesnt go through and with deny log record at traffic log. Client is questi...

VLim by L2 Linker
  • 5923 Views
  • 4 replies
  • 0 Likes

Resolved! Creating an Authenticated Tunnel from One Internal Zone to Another Internal Zone

I would like to create a secure internal tunnel such that a user requires authentication (ideally MFA, or a cert, or at least a PW, etc) to get from one internal zone to another internal zone (ie user zone to the management zone). What are my options? Is anyone doing this sort of thing with Okta? Is there a certificate based way to do this? ...

Active/Passive PA with Dual ISP in eBGP and private owned /24 ASN

Hi, Looking for some guidance on our setup. I am looking to establish pure ISP failover without having to take action on my / my team's side. Presently when there is an outage, we need to do manual intervention to get connectivity back up. Here is an overview of our network, internet facing. ISP A (/30) -> Cisco ASR Router 1 (I control) (/24 ...

system2 by L0 Member
  • 2673 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks