This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Ipsec tunnel issue

there are two location site a and b in which i created a ipsec tunnel between them its up.As i ping there LAN IP i am able to ping. there LAN networkSite A LAN network is 192.168.4.x/24 Site B LAN network is 192.168.x.1/24.I am able to ping both the interfaces by cli and also check logs that are going through a tunnel.But the issue there are IPs...

Could Sophos in house users connect to GP of PA firewall

Hi Team I have a concer where we have a scenario.(Branch office )Sophos -----------ipsec----------- PA(head office) Could Sophos users that is branch office inhouse users connect to GP configured in Palo Alto firewall which is in head office. This communication should be via internal gateway not the external gateway. We have IPsec tunnel in plac...

Resolved! pandb-database will not install on Pan_OS 9.0.x

I have a couple of firewalls that are running Pan-OS 9.0.3 that I cannot get the pandb-database to install and update. At least I cannot prove that it is downloading and active. Until 9/30/19, the 9.0 docs for this were the same as the 8.1 docs. According to the new docs, it looks like PANDB is active, but when I check the status on 9.0, it show...

Resolved! What Panorama Mode should I be in?

I have two Panorama Servers, let's call them North01Pano and South01Pano. I also have two Log Collectors, let's call them North02Pano and South02Pano. Obviously the two LC's are system-mode: Logger. What is the preferred mode for the 01's and why?

Resolved! Obtaining Commit logs from vm-series

Hi All, Can someone guide me to where I can obtain an export of all the configuration changes made on the firewall and potentially export this into a csv?

Mr8023 by L1 Bithead
  • 5352 Views
  • 2 replies
  • 0 Likes

email alert

Is there anyway to have the palo email me when a rule has been enabled for a certain period of time? If not, is there anyway to do it via API? There has to be a way, yes?

Software failed to fetch the PANOS from server

Hey guys hope you doing well One of my customer have an issue to fetch PANOS version.PA-220 Current version 10.0.0The dynamic updates are not up to date as i see the latest dynamic updates installed on her firewall are month of april 2021.Also i am not able to fetch the latest PANOS.I checked the service route and policy for PANOS upgrade.Also ...

Palo alto application for practice.

Hi guys,I am studying currently for PCNSE certification. What palo alto application I should download if I want to practice? I am using an apple computer. I would appreciated if someone can send me a link about it. Thanks in advance

cannot commit - failure parsing config response module dhcpd

I cannot commit changes on a PA-850 running 10.1.3The error message shows below. What is the cause of this error?---DetailsFailure parsing config response (Module: dhcpd)client dhcpd phase 1 failureCommit failed---Duplicate certificate subject foundWarning: tunnel tunnel.2 ipv6 is not enabled. IPv6 address will be ignored!

SSL-decrypt resources needed

Hi, We are enabling SSL-decrypt for several categories in our FW. We realised that the CPU and memory increased since this config, but its so far about the maximum in datasheet for PA3050. How can we know the SSL decypt consumes and try to have any reference about this?

BigPalo by L4 Transporter
  • 3162 Views
  • 3 replies
  • 0 Likes

High managment CPU and commit is taking too long time.

2Dears, i have PA-220 with running 10.0.x, version I am observing the management CPU is constantly reach up to high 100%. when I check the system resources the PAN_TASK process is always taking high CPU utilization up to 100%.I downgrade the firewall is 9.1.4 and 9.1.9 but the same issue is happening,As well as I checked while committing the PA ...

An interesting POC using Palos

Just watched an interesting way of hiding C2 traffic which bypasses Palos in the demonstration. Would be good to know if there is solution to capture this.https://www.youtube.com/watch?v=eVr0kKdgM2I

raji_toor by L4 Transporter
  • 2830 Views
  • 4 replies
  • 0 Likes

Automatic disconnection of GP according to user activity

Hi, I have a requirement where two scenario, Branch office and Head Office. ++Branch office has Sophos firewall and Head office have Palo alto firewall.++Branch office users are enforced with using Global Protect when they are outside of the organization that is BO(Work From Home). Which the GP will directly connect with HO.++When the same user ...

Traffic Deny due to DNS?

Hello, I was given a chunk of IP addresses and domains/urls to update into an existing blacklist on the firewall. I go to objects and create ip-netmask for ip addresses and FQDN objects for domains/urls. Some of the domains i received come in the form of url like "xxxxxx.xxx.com/*" and "https://xxxxxxxx.com/xxxx/xxxx.zip " I decided to create...

dnserror.png
Kenchh by L0 Member
  • 3337 Views
  • 1 replies
  • 0 Likes

Rendezvous Point query

Hi Team, We have already used one interface for RP can we use one more interface to configure RP ??please find below snapshor for reference

GideonKonga_0-1638293621158.png
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks