This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Resolved! Posting a knowledge base question?

So, through some troubleshooting we learned a few things about the new 10.1 feature "Registration Auth Keys". I wanted to post a question/answer to the Knowledge base so others could benefit from it, but when I login to the Knowledge base it takes me to the CSP now - and I can't find a way to post a new question. All it does is list previously...

rolinger by L2 Linker
  • 4445 Views
  • 2 replies
  • 0 Likes

Resolved! PA multicast with Cisco

Hello,We are having a multicast problem with our PA. It is an informacast application that needs to use multicast. Our server is in the data center on Nexus. We saw that Multicast FIB on the Palo Alto FW was not being created.We saw that multicast packets coming from the source to multicast group were not being marked with an egress interface,...

kenhagen by L0 Member
  • 3471 Views
  • 1 replies
  • 0 Likes

PANorama won't see 5250 connected on "Managed Devices"

We have 5250s we're trying to integrate to PANorama. Both are not in the same geographical location, but are able to communicate with each other. PANorama can ping the 5250. 5250 can ping PANorama, and SSH to PANorama possible from 5250. Connection between the two has all ports and protocols allowed. TAC discovered TLS alert 21, and we aren't su...

WilderG by L0 Member
  • 1837 Views
  • 1 replies
  • 0 Likes

Need SCP Software recommendation for Panorama Backup

Hi All, I need SCP Software recommendation for Panorama Backup, am currently using Solarwinds SFTP/SCP Server and am unable to get this to work, keeps throwing the following error. "SCP EXPORT ERROR EXEC REQUEST FAILED ON CHANNEL 0 :" Thanks

sokonta by L2 Linker
  • 3615 Views
  • 2 replies
  • 0 Likes

ARP table By SNMP

Hi, Any idea How I get ARP table from Palo Alto Firewalls (PA-200, PA-500 and PA-3020) by SNMP? Did try BRIDGE-MIB::dot1dTpFdbTable but gave me NULL resualts Mike Alani

Log/syslog forwarding to Microsoft Azure/Sentinel

Entire company uses log analytics and Sentinel for logging. Found this excellent article below on how to accomplish this task.https://davicruz.com/en-US/azure-sentinel/2021/03/rsyslog-sentinel-log-forwarder Has anyone done this before? I have stand-alone PA's that are now dumping sylog to Splunk.Splunk is being replaced with log analytics. Th...

Resolved! APP ID impact

Can some one answer this? A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified byApp-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, whichwill be de...

BNSRIKAR by L1 Bithead
  • 5997 Views
  • 3 replies
  • 0 Likes

TCP 3 way handshake success (telnet) but data doesnt flow through

InformationSource : 10.1.1.1Destination (example) 202.181.200.188Destination Port : 8443Client is running on port based firewall Issue (Technical not an issue just the firewall behavior) :3 way hand shake success which mean telnet port 8443 is success but the actual data doesnt go through and with deny log record at traffic log. Client is questi...

VLim by L2 Linker
  • 6003 Views
  • 4 replies
  • 0 Likes

Resolved! Creating an Authenticated Tunnel from One Internal Zone to Another Internal Zone

I would like to create a secure internal tunnel such that a user requires authentication (ideally MFA, or a cert, or at least a PW, etc) to get from one internal zone to another internal zone (ie user zone to the management zone). What are my options? Is anyone doing this sort of thing with Okta? Is there a certificate based way to do this? ...

Active/Passive PA with Dual ISP in eBGP and private owned /24 ASN

Hi, Looking for some guidance on our setup. I am looking to establish pure ISP failover without having to take action on my / my team's side. Presently when there is an outage, we need to do manual intervention to get connectivity back up. Here is an overview of our network, internet facing. ISP A (/30) -> Cisco ASR Router 1 (I control) (/24 ...

system2 by L0 Member
  • 2696 Views
  • 1 replies
  • 0 Likes

multicast test

PA is using cisco switch as external RP. Over a system I start the stream on VLC but I don't see the multicast address in multicast FIB. System is connected to network that is directly behind firewall. I use this tool multicast test tool (https://community.arubanetworks.com/community-home/digestviewer/viewthread?MID=21729) I see the entry of add...

raji_toor by L4 Transporter
  • 2864 Views
  • 1 replies
  • 0 Likes

IPSEC s2s VPN between VM-50 and PA-3220

We've done plenty of s2s IPSEC VPN tunnels between our DC firewalls and branch offices. I have a new branch office which we are configuring the same way as the others, yet the IPSEC VPN is not operating as expected. The tunnel is showing as up and the IKE Phase 1 & 2 are successful. However, on both firewalls, when I go into Tunnel Info all ...

popeja by L2 Linker
  • 2797 Views
  • 3 replies
  • 0 Likes

MS Active Directory Security Group Changes Not Applying over VPN w/ prelogon

Our organization has been struggling with getting MS AD security group changes to apply over VPN w/ prelogon enabled for a long period of time now. I have had support tickets in with Palo support and MS support. Palo support has determined via Globalprotect logs, prelogon appears to be functioning properly and no traffic for this function is bei...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks