This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4273 Views
  • 0 replies
  • 0 Likes

Resolved! Licensing in active passive cluster

Hi there, we plan to replace an old firewall cluster against an new one from PA. It will be an active-passive cluster of 2 PA-850 boxes, we plan to use threat prevention + dns security license.There is only one box active, the other one is on standby. Is it enough to have the licenses only for the active system, or do we need a license for the p...

Netzer by L3 Networker
  • 5136 Views
  • 1 replies
  • 0 Likes

Advanced URL License not showing in Panorama?

I recently renewed some licensing on firewalls. The URL Filtering subscription changed to Advanced URL Filtering. On the firewall, under licensing, everything shows fine. In Panorama, for those firewalls, I noticed after doing a refresh, Pano shows them as not having any URL Filtering license. Is anyone seeing something similar?

MikeC_0-1640794406956.png

Restrict Google Domain login

Hello,I have been using a header insertion to restrict login to an approved list of Google Domains for a couple of years now. However, I have now encountered an issue and was wondering if anyone else had a similar experience or has any idea what to do.On one of our domains, there is a regular but seemingly random occurrence of login failures wit...

Network segmentation via nexus using VRFs and virtual router Palo alto with BGP peering

Requirement: have to make firewall config based on network configuration done on Nexus. My challenge is Communication is not posoble with network guys coz they are Chinese, customer speak different language as well. OBJECTIVE: we want DC firewalls to be used for filtering or traffic only and nexus to do the core routing.. In the config I can se...

IMG-20220208-WA0012.jpg
Sukhmeet by L1 Bithead
  • 7210 Views
  • 1 replies
  • 0 Likes

flow_fpga_ingress_exception_err and high latency

Recently deployed several PA-5250s Running 10.1.3 and there is a issue that randomly comes and goes.Latency for traffic going through the firewalls spikes to 100-500ms. I was able to capture one thing that looked peculiar and that was flow_fpga_ingress_exception_err counts were high (8169388322) and the rate was high (12468). But I can't seem to...

category malware with action allowed

Hi, we use Splunk. We tried following searchstring: http_category=malware | timechart count BY vendor_action We find out that we get back action allowed with category malware. Is there a failure in the search? The action in our URL security profil for malware is block. Is there someone with same environment and same results ? best regards...

Resolved! Allow single user to bypass MFA

Hi All, I would like to access Global Protect for myself using different profile to access one of our resources subnet 10.21.xx.xx. I want to access without having to go through 2FA. Any idea for it? is it possible? Do we need to create another gateway on the GP for a single user?

Using minemeld to whitelist Oracle Cloud IP ranges?

I currently use minemeld to whitelist the list of O365 IP ranges etc, but I have not been able to find a miner for the Oracle Cloud. Oracle publishes a JSON file with the relevant IPs (https://docs.oracle.com/en-us/iaas/tools/public_ip_ranges.json), so maybe I need to use Minemeld to parse the JSON somehow? Hoping I'm not the only one trying...

Resolved! SSL Decryption for IoT devices

I am rolling out SSL Decryption for the wired subnets at my office. It's working great for the users since their laptops and devices are on the domain and trust our private CA which is used as the forward-trust cert. I'm running into issues with other devices plugged into the network like copiers, printers, smart TV's. These devices are on the w...

Cant upload Wildfire update after manually activating the license

Cant upload Wildfire update after manually activating the license, we are getting ready for PA migration (replacing old PA with with new) hence new PA firewalls are not connected to live environment and doesn't have internet connectivity. config was transferred using XML import / export.All the subscriptions are activated on the new PAs and dyna...

Resolved! Transfer Configuration from PA-3020 to PA-850 Without Panorama

Has anyone cloned configuration from a PA-3020 HA pair in active/passive mode to PA-850's that aren't managed by Panorama? Maybe not those specific model numbers even? I'm not familiar with Panorama, and have searched here, and online but all I find is when devices are managed, so I'm wondering if doing this manually would have a different outco...

Resolved! Application Override Question

Hi All, I got this question from the learning center for the PCNSE practice exam. Dont know if its allowed to post the screenshot here. From my understanding of using the application override, the firewall stops any further content inspection. It was also stated on the admin guide:If you define an application override, the firewall stops proces...

app-override.PNG
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks