This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4237 Views
  • 0 replies
  • 0 Likes

PA3020 Replacement

I am planning to replace my HA pair of 3020 with PA-460s...what are you thoughts on this? I feel like the 460s are for branch offices and not data center although the specs are better or similar to 3020...they don't support LACP and they don't have dedicated HA ports...thoughts?PA-4605.2/4.7 Gbps firewall throughput (HTTP/appmix)2.4/2.6 Gbps thr...

Anees10 by L1 Bithead
  • 8260 Views
  • 7 replies
  • 0 Likes

Resolved! Terminal Server agent internet not working

Hi Team, We have configured the terminal server agent and tested it out for few agents and it was successful. But, for the same user's internet was not working some times. Agents version is the latest version. Have checked the source port allocation and their count is not exceeded. But still, somewhere it's misbehaving in mapping the IP-user-por...

VishnuPS by L3 Networker
  • 6950 Views
  • 8 replies
  • 0 Likes

Resolved! How to identified the APP on APP ID

Hello, I would like to know how to identified the application of the paloalto APP ID. When this application is using the ssl encryption, how this PA identified the APP name?

PA-3020 - Error: Threat database handler failed - Commit failed

Hello,We have a PA-3020 running FW 7.1.24 on an end of life infrastructure to be shutdown by the end of year. This PA-3020 has no longer any subscriptions/support. We are in need to enable a Security Policy for a few hours and found we can't commit due to the Threat Database Handler failed message.I see several posts and KB Articles regarding th...

tir7436 by L0 Member
  • 2587 Views
  • 1 replies
  • 0 Likes

2 OSPF process

Dear Community, I have 2 OSPF process on AsA, now I wont to replace Asa with PA, as I know PA only can run one OSPF process. Is it possible to solved this? Thank you in advance.

Dadonis by L0 Member
  • 1917 Views
  • 1 replies
  • 0 Likes

Hiding Global Protect version

Hello , for one of our customer , they did some pentest and came back with a report that our Global Protect Portal shows the version of GP They advised if is it possible to hide GP version info . When a user opens the GP Portal , version info is not displayed . But could be with pentest/VA tool it is So is there a way to completely hide version...

PBF Without Gateway

PBG without gateway Good afternoon, is it possible to configure a PBF, without specifying the gateway IP address, just apply the outgoing interface and that's it? is this possible ? I remain attentive, thank you very much. Best regards

Metgatz by L4 Transporter
  • 1981 Views
  • 1 replies
  • 0 Likes

Resolved! BGP Loose Route

Dear, good evening, can someone please help me. I have two Palo Alto configured by BGP and I am sending some routes via bgp and they appear as "loose ?" what can I do in this case, how do I solve this problem? Thank you in advance for your support. Best regards

2021-11-05 23_47_22-PA-VM.png
2021-11-05 23_47_02-PA-VM.png
Palo Alto_BGP.png
Metgatz by L4 Transporter
  • 8262 Views
  • 3 replies
  • 0 Likes

2 VM series HA Setup in Azure with ELB

Hi all, I've setup 2 VM series in a sandwich topology and want to know the following in terms of the setup:How to configure the 2 virtual routers being trust and untrust for the static routes that point to the ELB?How to configure the NAT for outbound traffic?What are the advantages of having a ILB, if there's no applications that require LB, th...

Dynam0 by L1 Bithead
  • 2225 Views
  • 1 replies
  • 0 Likes

Renewing a Subordinate CA Certificate for firewall, issued by MS Server Enterprise CA

Hi, I've been looking all over for some guidance on this, without much joy. I am trying to renew a subordinate-CA certificate on a firewall, that was issued by a Windows Server Enterprise CA. Obviously there is no Renew function on the firewall for that cert as it was externally issued - and it appears on Windows server you can only renew Subord...

syslog server logs

Hello, I am facing an issue to get the alerts for my syslog server ( description contains 'Syslog connection broken to server[\'AF_INET.127.0.0.1:2625.\']' ) every two hours I am getting alerts. i checked the sys-ng.log and took the packet capture but I can see the same error. Below is the configuration:-sys log Server IP- 192.1681.1protocol - U...

Jafar_Hussain_0-1636027177713.png

LAN to Portal/Gateway Externo same Firewall

Dear:Good afternoon, is it possible from my LAN network, to connect via Global Protect, to the external portal/gateway of my Firewall ? I tried, despite having the permissions at the policy level and it fails to establish a connection.Is it strictly necessary to have an internal gateway for this? To connect from my LAN to an Internal or should I...

Metgatz by L4 Transporter
  • 2173 Views
  • 1 replies
  • 0 Likes
  • 24358 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks