This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4258 Views
  • 0 replies
  • 0 Likes

Resolved! Interface 'configured but down'

Hello, I have used interfaces in the past on a PA 3020 that were later disconnected. Those interfaces are still indicated in bright red with the message 'configured but down', including speed/duplex even though nothing is physically connected. As this is distracting, is it possible to reset each to simply grey and "not configured"? Thanks

landoa by L1 Bithead
  • 14170 Views
  • 2 replies
  • 0 Likes

static route not active

Dears, i create IPsec tunnel and add four subnet to it all subnet work good and see the other side but only one subnet not work when i look for show route found its route not active as attached the last subnet172.16.17.0/24 can any one help me

notactive.JPG
mhmad_91 by L0 Member
  • 2703 Views
  • 2 replies
  • 0 Likes

Regarding access between two sites

Hi Guys,I need help regarding access to the Web Server.Firstly, please refer to the image I have attached.Our company has 2 different sites. Site A has a Web Server with two different Websites hosted (let's say xxx.com and zzz.com) and our employees from site B connect to this web server.What we want is if User1 from SiteB connects to our Web Se...

Web Server Access.png
Satyam by L1 Bithead
  • 1892 Views
  • 1 replies
  • 0 Likes

Trouble uploading to tacupload.paloaltonetworks.com with SCP

Hoping someone can help me out. I've been on hold for ever 2 hours now unable to get support 😞 Support wants me to upload some core files to the TAC Upload server directly from the Palo device, but I can't seem to successfully do it from SCP on my Palo device.I tested that it's not a problem with the credentials by visiting tacupload.paloalton...

BHygaard by L0 Member
  • 3040 Views
  • 1 replies
  • 0 Likes

Resolved! dataplane is not up or invalid target-dp | Upgrade from 9.0.15 to version 10.X

Ran into errors with our Palo Alto PA-3250-1 after starting the upgrade process to version 10, dataplane is not up or invalid target-dp On phone with TAC (been on hold for hours, waiting for engineer). Has anyone ran into similar issues? Searched online, very few articles. We attempted reboots and restarting dataplane, issue not resolved.

SBozley by L1 Bithead
  • 8122 Views
  • 3 replies
  • 0 Likes

Configuring PA-5250 to act as gateway for guest wireless

Hi All, I'm attempting to configure a 5250 to act as the gateway and DHCP server for my guest wireless. I have a Cisco 9800 WLC directly connected via fiber from Gi0/2 to Eth1/15 on the 5250 over VLAN 825. I then created VLAN 825 on the 5250 as an SVI and associated it with Eth1/15. I have a DHCP server setup to hand out IPs from the 10.14.0.0/1...

Agentless User ID based network administration control using Windows AD server for PAN-OS

Hi All,I am looking for information on if we can use PAN-OS to do user ID based authentication for network administration control. For example, if user are working from home or remote location, getting users authenticated via PA Firewalls by integrating PA FW with AD server. Question I am stuck at is, how policy will look like. I want only this ...

Richa-L by L0 Member
  • 1900 Views
  • 1 replies
  • 0 Likes

URL Filter Security Policy Structure

Hello all. New to PAN, and after reviewing the documentation on URL Filtering, I'm confused on the best practice deployment of the policy structure. Here's what I mean: Let's say I want to break out the policies into multiple granular policies for custom exceptions. It would look something like this: 1) URL Filter Policy: "Vendor Safelist"Custom...

Resolved! Threat log spammed with "Non-RFC Compliant DNS Traffic on Port 53/5353"

A couple days ago, the threatvault added threat id 56505, and since then our threat log is getting spammed with the vulnerability type Non-RFC Compliant DNS Traffic on Port 53/5353 (informational). We use dnscrypt, and every single DNS request is now showing up in the threat log. First of all, is this a false positive? And if so, how do I preven...

Maxstr by L3 Networker
  • 31975 Views
  • 4 replies
  • 0 Likes

session_end_reason eq decrypt-error

I have a high number of sessions, for various webservers and clients, being closed due to decrypt-error. I've attempted to follow the tips from this document, but I'm still not clear on root cause: https://live.paloaltonetworks.com/t5/Configuration-Articles/PAN-OS-7-1-New-session-end-reasons/ta-p/73289 Need help identifying why sessions are endi...

AmyTyler by L2 Linker
  • 17347 Views
  • 6 replies
  • 0 Likes

Query regarding upgrade Path to 8.1.21-h1

I have a PA-500 device running on 8.1.20 currently .From this version can we jump directly to 8.1.21-h1 Or we need to go via intermediate path ?(8.1.20 >8.1.21>8.1.21-h1)Also not able to see any Palo Alto reference article about upgrade path , Is it available ?

AVG132 by L0 Member
  • 2454 Views
  • 2 replies
  • 0 Likes

Resolved! aggregate interface

Hi all, I would like to have the community opinion on two different setups and which one is the recommended by PA, i have looked for documentation about this and i cannot find a straight answer. All i could find was: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008V36CAE&lang=en_US%E2%80%A9 This document states, ...

Blank Setup page after downgrade from 10.0 to 9.1

Hi there, Using a VM-50 that has been running fine on 10.0.2 until there was a need to downgrade the VM.After taking backups then downgrading to the 9.1 feature release, the Setup page in the UI is now blank.I have tried upgrading/downgrading to various 9.1.x feature releases and committed several different configurations to no effect.The setup ...

warface by L1 Bithead
  • 12740 Views
  • 16 replies
  • 0 Likes
  • 24362 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks