This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

GP users are getting denied random times

I have global protect v5.0.5 deployed to all Corporate Windows and some users reported that when they work everything stop to work and suddenly after 5-10 minutes is back again without disconnecting them from the global protect .This happen random times and not always .I have a user though that he reports that every day for the last week . Palo ...

using NAT to "change subnets"

Hello community, I have what I think is an odd use case for NAT but am curious if it would work.We are readdressing our campus and have a series of vending devices with no way to change the static IPs. All of those devices need to "move" to another subnet.All of our on-campus routing takes place within our core switches, with no way to do NAT th...

mnaylor by L1 Bithead
  • 7362 Views
  • 9 replies
  • 0 Likes

Changing the IP Address of Panorama

Hi Gang, We need to change the management IP address of Panorama due to a complete change in our network. It runs in, Panorama mode, and manages several firewall pairs (which forward their logs to Panorama). My questions is:Is it as easy as changing the IP address of Panorama?Then logging into the managed firewalls to change the Panorama address...

Log Collector Status

Hello -From local firewall Device > Management > Logging and Reporting Settings > Log Collector Status > Show Status it says that there is an error for Device Connectivity All of my logging is working just fine though. Is this just a bug?From command line "show logging-status" I see:>Log Collector'Log Collection log forwarding ag...

DC.PNG

Scheduled Log Export based on custom queries

Is there any option to schedule custom traffic reports based on custom queries and to get it exported automatically .?Currently, we are exporting the traffic logs manually from Monitor > Logs >Traffic and pasting the queries ( some of the sample queries is mentioned below) in the search bar (apply filter) and export as csv file . We have...

Resolved! 10.1.4 HA config sync problems with certificates

I don't know if this is a 10.1.4 bug or by design but I have a pair of PA460's in HA with config sync enabled. 1. Firewall won't sync a certificate with a private key to the other firewall. It syncs the root CA only.2. I can't sync any SSL/TLS service profile settings to the other firewall. Normally I use Panorama but I would have to be a huge ...

Resolved! Installing minemeld on a supported Operating system ubuntu 18.04 or 20.04

Due to security requirements, we cannot run an unsupported operating system, however we need to install Minemeld to update office365 lists. Ubuntu 16.04 is unsupported as of April 2021. Is there support for or an install method that works on Ubuntu 18.04lts or 20.04lts? If you did get it working properly on a newer OS how did you do it? ...

jstine2 by L0 Member
  • 5741 Views
  • 4 replies
  • 1 Likes

Global connection issues with Wildfire EU Cloud?

Somebody else has same issue with Wildfire EU Cloud?System Log full of "wildfire-conn-failed" events and in traffic log can see corresponding connection issues with 154.59.126.51, packets received = 0, therefore application "incomplete". Normally it should be application paloalto-wildfire-cloud.

Anon1 by L4 Transporter
  • 7463 Views
  • 9 replies
  • 0 Likes

UID Redistribution SSL Errors

Hoping someone else has run into this. I have been implementing UID redistribution in our PAN environment. I've stumbled across a few firewalls that will not establish a connection on port 5007, once the UID service is moved off of the default Mgmt interface (yes, appropriate firewall rules are in place). The system logs spit out an error lik...

Resolved! Inconsistent policy action on the same traffic flow

Hello, I do have a connection flow for Microsoft Teams direct routing domain sip-all.pstnhub.microsoft.com where I do have a NAT rule and a security rules for bidirectional traffic with the Microsoft domain from our DMZ. The issue is that the firewall sometimes allows the traffic from one of the IP addresses that it resolves to (e.g. 52.114.76.7...

bambox by L1 Bithead
  • 4124 Views
  • 3 replies
  • 0 Likes

Does Palo Alto Support IPv6 source NAtting for IPV4 addresses

Hi Everyone, We had recently bought an ISP connectivity and we had got the IPv6 address. When we configure natting for IPV6 host to ISP IPv6 IP address it is working but we need to provide internet access to IPv4 devices on our environment. We need to know whether it is possible to perform Source NAT translation of IPv4 LAN network devices to I...

Inter-working of PBF and DHCP Relay

Hi All, I have a query regarding DHCP Relay working with Policy based forwarding. We have a setup where DHCP relay is configured on firewall and DHCP server is in remote location reached via IPsec tunnel. We have 2 IPsec tunnels configured (tunnel1 & tunnel2). We want to configure VPN failover with PBF monitoring the DHCP server IP. PB...

Web Application intermittently having a performance issue

From the tcp dump at the server end, I am seeing a lot of traces on TCP Dup ACK, retransmission and out of order being flag out at the pcap file The connection made is via VPN client to the Web Application server. Tried few scenario where we access directly bypass the PaloAlto firewall and we don't see this traces on tcp dups and retransmissi...

afifdin_0-1618935667620.png
afifdin_1-1618935712790.png
afifdin_2-1618935811755.png
afifdin by L0 Member
  • 5726 Views
  • 3 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks