This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4466 Views
  • 0 replies
  • 0 Likes

ERR_HTTP2_PROTOCOL_ERROR

Hi,We have recently upgraded our PA3200 to 10.1.2 and while we try to access a few sites are not accessible. SSL Decryption has been disabled globally. Still, while we access the URL from our network on any browser we get the above error. I have tried adding the URL in the SSL Decryption exclusion list to see if that resolve the issue it did not...

High Logging Rate

As seen on Panorama > Managed Devices > Health I have a few firewalls that are always in the red with a 15-Day average over 15000. What is the easiest way/best way to bring that down? Is it even an issue? Should the fix be on the Panorama side or FW side?

Resolved! CVE-2021-3059 - clarity on disabling dynamic updates

The Security Advisory for CVE-2021-3059 suggests disabling dynamic updates as a workaround for the vulnerability. However, it specifically says to go to the Device Deployment > Dynamic Updates interface (which is in the Panorama tab of my deployment). How is that different than if you have schedules set under the Device Tab > Dynamic Upd...

SIP ALG need to be disabled

We need to block SIP ALG on our firewall which is running 10.0.7.Which does not have the option to disable under object---->Application---> SIP.I came across with this documenthttps://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEsCAK which stated to disable the SIP ALG but as this PAN OS doesnt have the option pleas...

Frequency of l2ctrld.log entries

We have a case open with TAC at this time, and they noticed when looking for LACP issues that our l2ctrld.log on a few firewalls have not updated in some time - some have entries in the last day, others have not had any updates for over a week. I have been trying to find confirmation on what all will trigger the l2ctrld daemon to add to this log...

hhorsley by L0 Member
  • 2774 Views
  • 1 replies
  • 0 Likes

ping -a not resolving name anymore

Hello Bro, In our network we used to be in the same vlan of our employees endpoint and we used to use the command ping -a x.x.x.xto resolve the name of the pinged IP.after we have moved our PCs "admins" to a different zone, now we can't use this command anymore, the ping is working but the paramenter -a is not getting any names.knowi...

Syslog Forwarding to different log server

Hi All, We need to forward Logging to SIEM server which is routed via Ethernet1/2 , We are already having service route configuration for forwarding logs to our own Syslog Server via management interface, Any option to have this connectivity in place.

get this message with External EDL server

I have multiple firewalls that are connected to my linux EDL server to retrieve both IP address and URL list. I am using http and not https and the firewall is scheduled to pull the data every hours from the EDL web server. on the firewall system logs, I see messages in "medium" catergory like this: "description contains 'EDL(EDL_Whitelist_IPs...

dtran by L4 Transporter
  • 7176 Views
  • 5 replies
  • 0 Likes

Resolved! 3CX (Phone System) calls are disconnecting randomly

Dear Community Team, One of the customer is facing issues on 3CX call system after upgrading to new firewall PA-3220 recently. It was Forcepoint Firewall used by the customer earlier and working fine. Note: 3CX is a software-based private branch exchange based on the SIP standard. Setup:- 3CX server has been hosted outside with public IP directl...

Resolved! Remove Duplicate Address Objects

I have a number of address/service objects configured as Shared that were pushed to all firewalls. As part of a hardware refresh, a firewall was imported into Panorama into a new device group. The end result is now a lot of the Shared objects also exist duplicated in the device group. I'd like to get rid of the all the duplicate objects in th...

Resolved! Questioning about unsupported cipher suite for SSL Decryption

Hello guys.I have installed SSL decryption policy, which is forward proxy, for particular users. It's working fine but some problem occurred. Korean messenger application called kakao-talk for PC is not being able to login during forward-proxy SSL decryption policy applied. So I tried to capture the PCAPs for kakao-talk login function and they w...

Resolved! How to view the "others" in ACC Network Activity Source IP Activity

For the screen cap below I filtered the destination IP to one particular server. This Source IP Network Activity widget is showing me the first 10 IPs thattalked to it. But then all the other sessions are summarized as "others". I want to know all the IPs and to then export that information. Clickingon "others" doesn't seem to do the trick. If I...

MichaelMedwid_0-1636505380395.png

Resolved! Active Directory Users & Computers Latency with GlobalProtect

Hello Allanyone still experiencing high latency with ADUC, i tried several version of globalprotect, including the recent one 5.2.3-22, it takes me 5 to 10 min to search/display in AD users and computers. this issue keeps happening and did not see any concrete resolution from Palo Alto.the only version from what i tried which does not have this ...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks