This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama with log collectors

Here is the set up. Palo FW HA pairs send logs to Panorama and Log Collectors. Log Collectors send logs to long term archival (LTA) such as LogRhythm. Here is the issue, long term storage is not seeing the latest logs. I guess what I don't understand is the timing. When/how often are logs sent from the FW's to Panorama/Loggers and then when/...

Resolved! Releasing and reassigning VM-50 pa-vm license key

purchase a VM-50 lab bundle last year. pa-vm license was "perpetual", while the other components were 1YR subscriptions. Subscription expired on 7 October 2021.the previously licensed was "destroyed" ☹️ before it could be properly deactivated. I am looking for advice on how i can get PA Support to make the change that would permit me to acti...

MAAXIT by L1 Bithead
  • 3756 Views
  • 3 replies
  • 0 Likes

Best practices - Schedule - allow and block Traffic

Greetings (apologies in advance if this is a bit long) Could i have some advice on what would be considered best practice for allowing and blocking certain traffic at certain times. As a school (K-12) that has Day Scholars, boarder Scholars, live in staff and different privilege's for different aged scholars, i need some advice on the best way t...

Real Time Traffic on PA Interface

Hi All, I am stucked with very basic requirement on Palo-alto firewall. Would like to know how to check the traffic statistics on PA Interfaces as requirement is to check the current live traffic on specific Interface. Followed some articles available on Internet. But none of them are correct or useful. They referring to Network -> QoS fo...

Jimmy20 by L2 Linker
  • 3819 Views
  • 1 replies
  • 0 Likes

DHCP relay issue

Hello all, I have an issue with the DHCP. I have DHCP relay configured on the device (PA820), remote windows server, connectivity and policy permitting DHCP traffic.The problem is that the traffic is sill dropped by the FW, classified as not applicable. Can someone advice ? Thank you in advance!

Screenshot 2021-11-25 at 11.56.38.png
Screenshot 2021-11-25 at 11.58.01.png
stef by L2 Linker
  • 7954 Views
  • 2 replies
  • 0 Likes

Error on generating system logs

i just upgraded to 9.1.11 from 9.1.10 and i get a pop up message saying "Error on generating system logs" but the logs shows up fine and updatedis this a bug ? there isn't an error in the system monitor and i checked the known issues but it wasn't in them

perr.png
LAS by L2 Linker
  • 35699 Views
  • 33 replies
  • 3 Likes

DNS Proxy technical details?

I am checking out DNS proxy as a possible use case. We have a requirement to log DNS requests that include the true source info. We have a few environments with wireless clients that will not otherwise have our normal agents or tools installed in order to get DNS info. If it goes through the firewall for DNS proxy, where are the logs tied to the...

External ping to public ip of secondary ISP interface.

I am having issues allowing pings on my secondary ISP interface. I have a dual ISP set up with my main connection a 10gbit connection with ISP1 and a backup 1gbit with ISP2. I am currently using path monitoring for internet failover and I also have a few PBF rules for some traffic to leave through ISP2. I was asked by ISP2 to allow ICMP for thei...

Dyardley by L0 Member
  • 5012 Views
  • 2 replies
  • 0 Likes

Resolved! URL filtering feature in PA 3220

Hi All, I would really appreciate if someone can let me know whether URL filtering feature is enabled by default in PA 3220 or Pan OS 10 or a subscription for URL filtering have to be purchased. Is there any default URL filtering features available in Pan OS 10? Really appreciate your comments. Thank you,Gayan Samarakoon

How to shun/block an IP address for a period of time

I've worked with several traditional IPS in the past and there is always a way to create rules that shun or block a source IP address for some period before automatically resetting. It is especially useful for stopping automated bots that are just probing for flaws across the Internet.Specifically, I'd like to create a rule that will monitor fo...

njoyzrd by L1 Bithead
  • 10358 Views
  • 4 replies
  • 1 Likes

PAN-171203 issue and latest 9.0.x releases

Hello everybody, as all you know, yesterday (or today, in US) were released updates to all PAN-OS versions addressing some issues, but I really have trouble with the PAN-171203 one. As per the PAN-OS 9.0.14-h3 Addressed Issues page (https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-release-notes/pan-os-9-0-addressed-issues/pan-os-9-0-14-h3-a...

grenzi by L3 Networker
  • 3227 Views
  • 2 replies
  • 0 Likes

Unable to SSH to Passive firewall, GUI OK

hello everyone,I lost SSH access to my PA-3020 passive firewall on mgmt. interface.. I can access it via GUI.for Active Firewall, both SSH and GUI are OK.I think it happened after I did fixing weak ciphers and keys on mgmt. interface. interface for SSH access.I did the following procedure on both active/passive FW.https://knowledgebase.paloalto...

zinkt101 by L1 Bithead
  • 8044 Views
  • 2 replies
  • 0 Likes

Need help understanding how to setup conditions for Firewalls

As it stands m firewall looks at rules in a sequential sense and applies rules in that way. meaning if it reaches a Deny it will immediately cancel a packet (which isn't necessarily bad) but it also means if a rule permits a user to do something interferes with another that denies him something - the user will get access to things they shouldn't...

Resolved! Unable to see groups in group mapping setting in Palo alto

Group with three to 4 user was added in ad with group name (vpn group for laptop) and this group was under OU group id, but in group id i was able to see groups till alphabet N ,so tested creating Group with group name (ATEST users) i was able to see this group ,but (vpn group for laptop) this group was not visibleTried all below commands:->s...

live community_ss_ad.PNG
KashifSh by L1 Bithead
  • 4131 Views
  • 2 replies
  • 0 Likes

Resolved! RADIUS Server failover not working via Authentication Profile

I have two servers listed in my RADIUS Server Profile.If I shutdown RADIUS on the server that is first in the list I do not see my firewall attempt authentication to the second server. Authentication fails.If I completely shutdown the first server in the list I do not see any attempts to authenticate to the second server. Authentication fails....

ebonjour by L2 Linker
  • 26260 Views
  • 14 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks