This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Palo Alto Test Pages - Inconsistent Results

Hi All, I noticed that the Palo Alto test pages for 'newly-registered-domains' and 'command-and-control' do not block when copied from a chat window or manually entered into a web browser. However when I directly click the link on the Palo Alto test pages for 'newly-registered-domains' and 'command-and-control' they do block. This does not appea...

Josh990 by L2 Linker
  • 3289 Views
  • 2 replies
  • 0 Likes

Getting Low Speed

Guys, My Lan users are getting a slow downloading speed. I have checked the ISP cable directly and there I am getting the accurate speed which is 30Mbps. But when I am connecting the ISP cable to Paloalto after that I am running the speed test it's gives me only 4 Mbps. I have tested also one pc with no URL filtering or no profiles applied on it...

IPSec tunnel to Azure - Strange issue

HI all, I have an active ticket with PA but struggling to get through to anyone atm. We have recently made some routing changes and moved the Azure IPSec tunnel from an SRX to a PA. The tunnel came up fine but we are having a weird issue with RDP. It's like the tunnel is only allowing so many sessions across. Some users have to try about 10 time...

LukeRath by L1 Bithead
  • 2683 Views
  • 1 replies
  • 0 Likes

wrong user-id mapping

Hello everybody,We have a problem with a user to IP mapping. Doesn't matter which version of PanOS - 7 or 8, doesn't matter if it's using windows agent or direct access from paloalto to LDAP servers. Let's say a user is going to some server, windows exchange for example, and this server authenticates the user by LDAP. Then windows agent will...

ppk_vs by L1 Bithead
  • 6403 Views
  • 4 replies
  • 0 Likes

Panorama rest-api edit security policy post rule - 400 Unexpected here

Hi! I'm writing a python script to change the security profile for any security policy rule that is using that profile (very tedious to manually click through hundreds of policys via GUI). Panorama rest-api is always throwing a 400 response to me:URL query parameters and response:location=device-group&device-group=firewall-fw&name=rule-t...

eriryd by L0 Member
  • 3904 Views
  • 3 replies
  • 0 Likes

L3Svr Restarting automatically

Hi Team, The l3svc process is restarting automatically whenever we are doing an commit on the firewall. This is sometime causing captive portal to not work correctly. Is this an bug. We are having PAN-OS 9.1.10 currently installed on the firewall and the firewall is active in Active/Passive HA mode and the firewall model is PA-3220. masterd.log2...

Resolved! How to display more than 100 items in EDL

I need the whole output from an EDL but command only displays 10. Even in the rest API.GUI works but i can't export it form there.Source was deleted and now i need to restore all the entries in that EDL Total valid entries : 2295Total ignored entries : 0Total invalid entries : 0Total displayed entries : 100

raji_toor by L4 Transporter
  • 5041 Views
  • 4 replies
  • 0 Likes

SSLlabs test is blocked on decryption with F5 passthrough

https://live.paloaltonetworks.com/t5/general-topics/extra-certs-inbound-decryption/m-p/457936Adding to the previous discussion with same setup where PA is doing decryption and the F5 is doing SSL bridging/offload while proxying for the server behind it. If we do SSL bridging/offload SSLlabs test goes fine with PA doing decryption and F5 will pr...

raji_toor by L4 Transporter
  • 5221 Views
  • 5 replies
  • 0 Likes

Resolved! Management ip address cannot be seen again

Hi Management interface ip address is configured, and it could work before. but now I cannot see it. After the ip address is reconfigured(and commit), I still cannot see it. Below is its config. Anyone can take a look at it? Thank you! set deviceconfig system ip-address 192.168.1.6 netmask 255.255.255.0 default-gateway 192.168.1.1 show interfac...

Custom URL Categories - ending tokens

Let's say we want to match a domain in a custom URL category or EDL, including all sub-domains. While most people would expect "youtube.com" to do the job, in a PAN-OS this would only match youtube.com and not content.youtube.com. To achieve the result we must include:youtube.com*.youtube.comI can live with that... however in PAN-OS 10 admins ar...

mb_equate by L3 Networker
  • 5277 Views
  • 1 replies
  • 1 Likes

QoS priority - 'real-time' vs 'high'

Hi, What is the difference between 'real-time' and 'high' priority than? Will there be any difference under similar circumstances when you have 100 Mbit/s MAX egress and 50 Mbit/s guarantee, while actual traffic matching this class exceeding 100 Mbit/s? Previously I was under impression that real-time one will just drop traffic exceeding queue l...

User Mapping on Mac with M1 chip in domain

Hi All,I joined Macbook on m1 chip to the domain and the firewall don't recognize user (Don't work user-mapping). I can't apply policy which works via users. We have 3 Mac's on m1 chip with the same problem. Also checked on Mac with intel - no problem with user-mapping after join Mac to domain. Maybe someone has already met such a problem. Thanks.

Newbie: VPN on PanOS 10

Hi everyone, This is probably trivial, but I am fairly new to this so bear with me:I would like to set up the PA firewall as a VPN server for users to connect to (ideally, using only the built-in windows client). After authentication they should have access to a couple of servers connected to a single network port on the firewall, but they shoul...

PANOS 9.1 know issue PAN-83610 network processor

PAN-83610In rare cases, a PA-5200 Series firewall (with an FE100 network processor) that has session offload enabled (default) incorrectly resets the UDP checksum of outgoing UDP packets.Workaround: In PAN-OS 8.0.6 and later releases, you can persistently disable session offload for only UDP traffic using the set session udp-off load no CLI comm...

VLim by L2 Linker
  • 4184 Views
  • 1 replies
  • 1 Likes

Maintenance mode

When we try to access maintenance mode keeping "M" press the device just stop booting and nothing appears on console. Then if I press the M after some seconds just normal boot. We also try typing "maint" but no luck

v-ealva by L0 Member
  • 3343 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks