This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4437 Views
  • 0 replies
  • 0 Likes

CTD usage and commit and update errors

VM-300, 10.0.8-h4 on KVM.At one point issue with commit showed up:Error: Error reading signature DFA datafailed to handle CONFIG_UPDATE_STARTAlso updates for Wildfire & Apps/Threats were not being installed. HA sync started to fail.It was concluded that CTD resource usage is high - show system setting ctd state, Content Allocator Usage was 1...

nikoo by L3 Networker
  • 3991 Views
  • 1 replies
  • 0 Likes

Does Palo Alto support URL rewrite option ?

I have a query is When any user (OUTSIDE/INSIDE) accessing the URL or application like JIRA and CONFLUENCE which is hosted on the AWS server on the internet. that user's traffic hit into the ON- Premises data center instead of the internet and should be inspected by the ON-Premises DLP server. Also, to make this possible on the basis URL rewrite...

sagjoshi by L0 Member
  • 3293 Views
  • 1 replies
  • 0 Likes

Resolved! Allow streaming media of news category.

Hi everyone, One of our customer Has a requirement to block all streaming media but wants to allow streaming from news category,eg suppose any news channel is redirecting to youtube or any streaming sites it should be allowed but if user is trying to reach directly to youtube or any other streaming it should be blocked. streaming sites redirect...

KashifSh by L1 Bithead
  • 3843 Views
  • 2 replies
  • 0 Likes

ESXi deployment question for Palo -VM series (L3 Mode)

I'm having trouble interpreting this link for deployment scenarios of the vm series Palo Firewalls. Looking for clarification...https://docs.paloaltonetworks.com/vm-series/10-1/vm-series-deployment/set-up-a-vm-series-firewall-on-an-esxi-server/supported-deployments-on-vmware-vsphere-hypervisor-esxi.html We have an ESXi cluster with 3 hosts runn...

geewiss by L2 Linker
  • 5924 Views
  • 10 replies
  • 0 Likes

Security Advice on SSH & SSL/TLS week ciphers

Hi Team, I have few queries to be addressed. We have changed the SSL/TLS version using CLI to TLS 1.2 but when we run the scan we can see TLS 1.1 is also running at the back-end. We need to check which SSL/TLS version is running using CLI of the Firewall.What command needs to be used to check the current TLS version of the firewall? in CLI Secon...

Restoring Configuration Between Platforms?

Is it possible to restore a backup configuration from say a PA5000 series to a PA3000 series? I know there are obviously interface differences between the platforms, and I couldn't find any recent documentation explaining if this is possible. Thank you.

Policy audit comment in cli

Do you know how can we configure and view Panorama security policy audit comments in the cli or another way for bulk applying comments to policies. I will modify policies in bulk using the cli set commands, but also want to add audit comment to all the policies with the change description, but I can't find the cli option for it.

batd2 by L4 Transporter
  • 5657 Views
  • 3 replies
  • 0 Likes

Active cluster

Hello , We have a customer having Active /active cluster . The Panorama lies in another country : The nodes of cluster use the traffic interface ( and not management interface)to reach Panorama , and at firewall we do the NAT , so that on Panorama natted IP is visible But for some reason , we only see 1 node connected and 2nd one disconnected ...

Resolved! Upgrading from 3220 to 3250

Is there a means of copying all configuration from a 3220 PAN to a 3250 including the certificates? The main impetus to upgrade would be to accommodate more Global Protect tunnels (2048 insteadof 1024.) I'm trying to understand what that migration might look like. TY

Firewall drops VSS-Management trailer due to Layer 4 checksum enabled

This is not an issue, but a general document about an issue that we experience with a customer last weekend. The issue is not well documented by Palo TAC and it took us the help of another customer who experienced the same issue with the same application vendor. One of our Electronic access systems stopped working after changing the perimeter fi...

VarunRao_0-1597719204504.png
VarunRao_1-1597720335639.png
VarunRao by L2 Linker
  • 11483 Views
  • 7 replies
  • 4 Likes
  • 24374 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks