This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

routed interfaces in vsys1 and virtual wire config in vsys2 possible ?

Hi all, I've not found a conclusive answer in the config guide - although it stands to reason to assume the answer is "yes".In a multi vsys environment can I have a regular deployment in vsys1 (i.e. routed interfaces acting as DGW for my secured vlans) and a bump_in_the wire (vwire) deployment in vsys2 on two dedicated interfaces?Thanks in advan...

VLAN Insertion and subinterface - VLAN1

Hi, I'm new to the community and am trying to assist a customer as they work on a PAN and SW integration for an industrial setup. Customer has setup a L2 network between different industrial devices that seat in different VLANs and are all connected through a L2 HPE Switch. This switch has all 3-4 VLAN's in a trunk to a Palo Alto firewall using ...

Resolved! Delete Vsys

Any advice on deleting a vsys? 7050 OS 9.0.11 Simple as selecting vsys under Device Tab and deleting? Thanks

clewis1 by L3 Networker
  • 6194 Views
  • 6 replies
  • 0 Likes

Regarding threat visibility not being shown.

We have deployed Palo Alto in tap mode to get traffic visibility, we have configured PA VM 100 with active trial license, We have visibility of Traffic logs but the threat logs are not visible. In policy configuration for tap mode we also have assigned threat profile.

Users and group mapping

Hello everybody!Sometimes users' group memberships are not recognized by the firewall integrated user id agent. In the useridd.log we see this message:2019-03-29 10:12:45.317 +0100 Warning: pan_user_group_user_prime_uid_lookup(pan_user_group_multi_attr.c:1314): For tierkonet\adisfo user, domain tierkonet does not exist in group-mappingIt says th...

Help needed for odd situation: Expired licenses interfering with commit?

Here's my situation: We were planning a new firewall installation, but that got some major delays after the start of the pandemic. Now I've noticed that we no longer have a support contract for our PA-5050 cluster (no doubt not renewed because we expected the new installation to be online by now). I wouldn't be too concerned, since we could prob...

mds by L0 Member
  • 2620 Views
  • 1 replies
  • 0 Likes

Resolved! Policy base routing for internal trafique

Hello everyone, I have two ISPs wan1 and wan2, for lan 1 it must go out through wan1 and lan2 through wan2. in the event of a problem with one of the wans, the associated lan will have to exit through the other wan temporarily. To do this, configure them two default routes with different metrics: 0.0.0.0/0 =wan 1 with metric of 10 0.0.0.0/0 = wa...

Capture.PNG

PA-3020 - Error: Threat database handler failed - Commit failed

Hi,Our Palo Alto has been rock solid for years, but last friday we realized we are unable to commit changes. We're pretty sure it started happening with the release of content package version 8462-6955. We hoped this was a one-off and the next upgrade would solve the issue. But all further upgrades have failed & we still can't commit chang...

dmetcalfe_0-1633077153050.png
dmetcalfe_2-1633077302969.png
dmetcalfe_3-1633077547586.png

One IPSec SA Stops Passing Traffic

I have a B2B tunnel with a business partner. There are 22 proxies, all defined host-to-host. The VPN peer is a Cisco firewall, I'm not sure of the model. Phase 2 lifetime is 8 hours. One particular SA stops sending and receiving traffic at each Phase 2 re-negotiation. When this happens the SA shows active on my PA-3250, PAN-OS 9.1.10 and on...

pnelson by L2 Linker
  • 4649 Views
  • 3 replies
  • 0 Likes

PA500 boot error with message "unable to connect to Sysd" and NIC in dataplane does not worked.

The firwall PA500 had a poweroff and boot,and after reboot the PA500 get a error with "Error: sysd_construct_sync_importer(sysd_sync.c:328): sysd_sync_register() failed: (146) Unknown error codeError: unable to connect to Sysd"When the device boot finished,the NIC port on dataplane did not power up and did not work.We could connect PA500 using c...

songjixian_0-1633214175896.png
songjixian_1-1633214215318.png
songjixian_2-1633214453435.png

Resolved! One session is utilizing 5-12% of CPU of my 5220 firewall

One session is utilizing 5-12% of CPU of my 5220 firewall. Session ID: 2155872259 show session id 2155872259 Session 2155872259Bad Key: c2s: 'c2s'Bad Key: s2c: 's2c'index(local): : 8388611I am not able to check the session information. Getting bad Key error. This session causing me extra 5-12 CPU utilazation. I tried clear the session but still...

NijithPN by L1 Bithead
  • 5545 Views
  • 3 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks