This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4442 Views
  • 0 replies
  • 0 Likes

Aggregation interface on virtual wire

Hello All,Is there supported to create virtual wire aggregate group ae1 with 3 physical interfaces and another ae2 with another 3 physical interfaces, then form virtual wire with ae1 and ae2. Point of this setup is to put PA between two switches with port channel group formed with 3 physical interfaces.Regards,Predrag

Tician by L3 Networker
  • 9455 Views
  • 6 replies
  • 0 Likes

Resolved! jpeg file blocking download error

Dear Team, I am doing a file blocking test for the jpeg file format.When uploading a jpeg, it is recognized as a unique threat id below, and I can control it as I want. Name: JPEG File Upload> Unique Threat ID: 52097URL : https://threatvault.paloaltonetworks.com/?query=52097logBut I want to control jpeg download. For testing, I set it to 'all...

policy.jpg
profile2.jpg

Resolved! Allow only certain users through VPN Security Policy

Hi All,How can I allow only certain users to use this policy from below? I am not able to do so at the moment using a local database (is it not achievable with a local database?). Currently, only when choosing 'any' will allow traffic through.@BPry

paragkarki143_0-1652249613154.png
Pras by L4 Transporter
  • 3535 Views
  • 2 replies
  • 0 Likes

Can't HTTPS to PA 200 from my MacBook?

So, I have my PA 200 factory reset, from my work computer (Windows) I am able to https to it using IE, from my MacBook (Monterey) no matter which browser I use I just get the security error about the cert on the PA. No options to just 'continue anyway' Only thing that sort of works is Safari, I get a partial login page, just a box for name and ...

Is it possible to use RSA MFA for admin console authentication?

We have standardized on RSA SecurID for MFA for GlobalProtect VPN MFA, and locking down our internal network assets. I was asked if it is possible to use RSA SecurID MFA for secondary verification for admin accounts logging into our PA-820. I believe it is, but want to confirm. Is anyone doing this on their firewalls? I tried setting the Authent...

fpascal4 by L0 Member
  • 2581 Views
  • 1 replies
  • 0 Likes

Resolved! Posting a knowledge base question?

So, through some troubleshooting we learned a few things about the new 10.1 feature "Registration Auth Keys". I wanted to post a question/answer to the Knowledge base so others could benefit from it, but when I login to the Knowledge base it takes me to the CSP now - and I can't find a way to post a new question. All it does is list previously...

rolinger by L2 Linker
  • 4495 Views
  • 2 replies
  • 0 Likes

Resolved! PA multicast with Cisco

Hello,We are having a multicast problem with our PA. It is an informacast application that needs to use multicast. Our server is in the data center on Nexus. We saw that Multicast FIB on the Palo Alto FW was not being created.We saw that multicast packets coming from the source to multicast group were not being marked with an egress interface,...

kenhagen by L0 Member
  • 3521 Views
  • 1 replies
  • 0 Likes

PANorama won't see 5250 connected on "Managed Devices"

We have 5250s we're trying to integrate to PANorama. Both are not in the same geographical location, but are able to communicate with each other. PANorama can ping the 5250. 5250 can ping PANorama, and SSH to PANorama possible from 5250. Connection between the two has all ports and protocols allowed. TAC discovered TLS alert 21, and we aren't su...

WilderG by L0 Member
  • 1873 Views
  • 1 replies
  • 0 Likes

Need SCP Software recommendation for Panorama Backup

Hi All, I need SCP Software recommendation for Panorama Backup, am currently using Solarwinds SFTP/SCP Server and am unable to get this to work, keeps throwing the following error. "SCP EXPORT ERROR EXEC REQUEST FAILED ON CHANNEL 0 :" Thanks

sokonta by L2 Linker
  • 3672 Views
  • 2 replies
  • 0 Likes

ARP table By SNMP

Hi, Any idea How I get ARP table from Palo Alto Firewalls (PA-200, PA-500 and PA-3020) by SNMP? Did try BRIDGE-MIB::dot1dTpFdbTable but gave me NULL resualts Mike Alani

Log/syslog forwarding to Microsoft Azure/Sentinel

Entire company uses log analytics and Sentinel for logging. Found this excellent article below on how to accomplish this task.https://davicruz.com/en-US/azure-sentinel/2021/03/rsyslog-sentinel-log-forwarder Has anyone done this before? I have stand-alone PA's that are now dumping sylog to Splunk.Splunk is being replaced with log analytics. Th...

Resolved! APP ID impact

Can some one answer this? A security administrator has configured App-ID updates to be automatically downloaded and installed. The company is currently using an application identified byApp-ID as SuperApp_base. On a content update notice, Palo Alto Networks is adding new app signatures labeled SuperApp_chat and SuperApp_download, whichwill be de...

BNSRIKAR by L1 Bithead
  • 6082 Views
  • 3 replies
  • 0 Likes

TCP 3 way handshake success (telnet) but data doesnt flow through

InformationSource : 10.1.1.1Destination (example) 202.181.200.188Destination Port : 8443Client is running on port based firewall Issue (Technical not an issue just the firewall behavior) :3 way hand shake success which mean telnet port 8443 is success but the actual data doesnt go through and with deny log record at traffic log. Client is questi...

VLim by L2 Linker
  • 6106 Views
  • 4 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks