This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

Increase CPU on VM-series

HelloAs PAN-OS CLI is locked, I don't have the ability to run a script and increase the CPU of my VM-series instances in Azure VMS.I'd like to test and demonstrate the scaling (IN/OUT) feature regarding CPU level (high/low). Did someone knows a way/solution for that (appart of reducing Azure VMSS scaling levels)? Regards.

FatihT by L1 Bithead
  • 2498 Views
  • 1 replies
  • 0 Likes

Resolved! Full cone/Port Restricted/Restricted NAT

Hi all,I need to make work a voip server behind my pa-3020. The server is using stun protocol and requires that nat is not symmetric.I've tested a public stun server (for example stun.telbo.com on port 3478) using pystun3 (a python tool to retrieve nat type).That's what I got (A.B.C.D is my public ip) ~# pystun3 -H stun.telbo.com -dDEBUG:pystun...

N2Z2 by L2 Linker
  • 6007 Views
  • 3 replies
  • 0 Likes

can't access to menu palo alto "error: file '/boot/' not found"

Hello,After a factory reset of the Palo Alto PA-3220 (Firmware 10.1.1), then a reboot, I cannot access any of the PANOS partitions (maint-sysroot0, maint-sysroot1, etc.).And this message appears when I select one of the partitions in the menu (grub):error: file '/boot/vmlinuz' not found.Press any key to continue... Can you help me,Sincerely,

Resolved! Dropbox uploaded files not determined correctly

Hello, after implementing SSL decryption we're trying to improve visibility and noticed that files to dropbox web aren't shown correctly When downloading from the dropbox website, the file names are correctly shown, but when uploading the files are registered in the data filtering logs as "presentation.xml" and "put_block_returning_token" Tried ...

Megrretz by L1 Bithead
  • 3601 Views
  • 2 replies
  • 0 Likes

Query about EDL in an VSYS environment

Hi Folks, We had 5 vsys active on the firewall. We had configured separate EDL for each vsys. My query is when we check the EDL Maximum capacity on the firewall will it show the Total EDL capacity utilized for 5 vsys capacity utilized by each vsys individually.

Resolved! IpSec Tunnel Phase2 Red But Ike Side Green

Hi, I have several TpLink Archer Mr400 4G Router. I setup Ipsec VPN tunnel between PA-220 and them many times. But new one is not success at Phase2. Phase1 IKE is green so devices communicate. But Phase2 Tunnel Info is red and i can't see any tunnel when i click Tunnel Info. I have read the losg and find below things; 2022-04-19 16:50:25.878 +03...

Tplink_ArcherMr400_phase2.PNG
PA_Phase2_ipsecCrypto.PNG
PA_Phase2.PNG
tsenturk by L0 Member
  • 3344 Views
  • 1 replies
  • 0 Likes

The PA-3020 in the HA pair cannot automatically run dynamic updates.

Hi All,I have two PA-3020 that are HA setup, version 9.1.9.Since the beginning of March, I have found that dynamic updates often fail. Strictly speaking, downloading images is normal. However, one firewall updates normally and the other fails to update, causing the two firewall versions to mismatch. But it does not always fail to update automati...

PA-3020-mismatch.png
PA-3020-A.png
PA-3020_B.png
PA-3020 fail detail.png
DevonFan by L1 Bithead
  • 5675 Views
  • 5 replies
  • 0 Likes

Resolved! May I set the same ip in different interface between two virtual system?

I set ip address 192.168.1.254/24 in the ethernet1 which belong default router in the vsvy1.I try to set the same ip address in the ethernet2 which belong another VR in the vsvy2.When I commit, it will display duplicate address.I just do some lab about vistual system for my client.But I want to sure may I set the same ip in different interface ...

kylelee by L1 Bithead
  • 17579 Views
  • 13 replies
  • 0 Likes

Auto update agent failed to install license information:

I am facing an issue while trying to update the license I am able to ping the google dns and updates.paloaltonetworks.comadmin@PA-VM> ping host updates.paloaltonetworks.comPING updates.gcp.gslb.paloaltonetworks.com (34.96.84.34) 56(84) bytes of data.64 bytes from 34.84.96.34.bc.googleusercontent.com (34.96.84.34): icmp_seq=1 ttl=57 time=6.26 ...

Resolved! Getting a 'Device certificate expires in 15 or less days' but all certs are valid

As the subject states, one of our FWs is logging a 'Device certificate expires in 15 or less days' message once a day. All certs are active/valid with the earliest expiration date sometime in 2023. I've been seeing this alert of at least the last 20 days but nothing was changed in the environment. Anyone seen this before or have any thoughts on ...

Support Case Access Problem

malik.kecioglu@barikat.com.tr can access Support Portal but when he click Support case ,get a error.I checked his user ,everything looks ok. I can see all support case.could you please check malik.kecioglu@barikat.com.tr user. regards

Serpil_0-1650359327407.png
Serpil by L0 Member
  • 2840 Views
  • 4 replies
  • 0 Likes

CLI Location command not showing the location of the IP address

Today I found that Application and Thread ID 8559-7361 is incorrectly categorizing US IP address as if they were from China and therefore blocking all the traffic to these destinations. The only way to fix the issue was to revert back to version 8558-7356 from 4/18/22. While doing the test below I could see exactly the problem: What is the reaso...

JorgeOrtega_1-1650490814484.png
JorgeOrtega_2-1650490867494.png

Resolved! SSL decryption policy - strange behaviour

Hello guys, Recently I had a situation where Cisco Webex traffic was decrypted by policy - let's call them "URL_policy"'URL_policy" was set to decrypt traffic based on the categorization of URL likes: drugs, extremism, gambling, adult, malware, nudity, etc - nothing business-related for sure.Just after this policy was my "webex_do_not_decrypt" p...

S_Owoc by L1 Bithead
  • 7174 Views
  • 5 replies
  • 0 Likes

Port Forwarding/NAT Issues

I just set up my PA-200 and I'm trying to get my Plex server (on my LAN) to be accessible via WAN. I don't think I fully understand how NAT and security policies intertwine so I'm rather confused I'm able to get LAN traffic outbound, but for one reason or another, I can't seem to get either my NAT or security policies correct to allow traffic in...

wallbert by L0 Member
  • 4862 Views
  • 3 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks