General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

IPSEC VPN tunnel getting disconnected.

IPSEC VPN tunnel got disconnected abruptly. We need to find out what could have caused this from the logs and adjust the VPN parameters accordingly. From logs i found this. ikemgr.log2021-10-15 03:35:112021-10-15 03:35:11.814 +0000 [PNTF]: { 5: }: ====> PHASE-2 NEGOTIATION STARTED AS RESPONDER, (QUICK MODE) <====ikemgr.log2021-10-15 03:3...

RPrasad3 by L0 Member
  • 5922 Views
  • 2 replies
  • 0 Likes

Adding a port to existing SSN

Hi - I have an existing SSN configured for a device with ports added in Objects, like to add few more ports. what are steps I need follow? Please let me know....Thanks!

Andyz88 by L0 Member
  • 2031 Views
  • 1 replies
  • 0 Likes

problem with userIDAgent in RDP

hello We have a problem with users when they connect in RDP We found a solution whit this KB: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CleBCAS but we have new questions: 1.- Is there a way to know what information the userIDAgent gets from the AD? 2.- Is there any way to limit the type of events it reads (a...

BigPalo by L4 Transporter
  • 2238 Views
  • 1 replies
  • 0 Likes

Resolved! User-ID Agent Connecting Status

Hello team I am facing an issue with User ID and AD . It continuously stays on connecting... however it seems that some user is assigning. Can someone help me? 10/19/21 10:47:24:139[ Info 2357]: ------------Service is being started------------10/19/21 10:47:24:139[ Info 2364]: Os version is 6.2.0.10/19/21 10:47:24:139[ Info 685]: Load debug lo...

Alpalo_0-1634631406756.png
Alpalo_1-1634631536035.png
Alpalo by L4 Transporter
  • 6780 Views
  • 1 replies
  • 0 Likes

Override in URL Filtering is not working

Hi Team, One of the domain is not working even after adding that domain in Allow list in override tab under URL Filtering. I have blocked one URL category in that URLFiltering profile however i have added a website/Domain that needs to allow if also it gets matched with the blocked category and it doesn't worked. So please suggest what can be do...

SahulH by L3 Networker
  • 14971 Views
  • 8 replies
  • 0 Likes

Connection HTTPS / HTTP and SSH not working

I can't connect via SSH HTTP or HTTPS to my PA-500 firewall .I can ping it from my network and that's all .Also , the strange thing it is that from panorama the device is reachable I have checked the traffic -> is allowI have checked management interface -> is allowing my IP addresses + HTTPS SSH and HTTP are ticked . What else could be th...

Nicu21 by L1 Bithead
  • 8485 Views
  • 5 replies
  • 0 Likes

Resolved! Failed to renew device certificate

Sorry, not sure what board to post this on, as it's my first support post. Getting an error on my Primary PaloAlto firewall: Failed to renew device certificate.Failed to send request to CSP server.Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to certificatetrusted.paloaltonetworks.com:443 When I log onto the firewall, it shows th...

esheldon by L0 Member
  • 9061 Views
  • 2 replies
  • 0 Likes

Question about moving objects...

I have some security rules on a device group using shared addresses groups. I need to move these objects to the device group but I'm not finding an easy way so far. I can't simply move the address group, panorama doesn't allow because rules are using the shared group and won't automatically inherit the new location. I can clone the address group...

Evahi21 by L0 Member
  • 2611 Views
  • 1 replies
  • 0 Likes

HA malfunctioned due to data plane down

Hello We have PA-3220 and its running 9.0.12. recently i saw that HA status is showing that "HA malfunctioned due to dataplane failed" and we cannot push any configuration on the firewall due to "dataplane failed" error message. Please suggest what can cause this error. I also see "the dataplane is starting" critical log message under system log...

Resolved! Fan noise on PA-850 gateway

I have a new PA-850 firewall. Its cooling fans are very loud even when idle. Is there a setting where the fan speed can be adjusted?

SSL Decryption and Reddit Posting

Last year I implemented a rule to allow users in my company access to the reddit.com site. It is in our company policy to disallow sharing messages on social media, so I implemented this rule with URL filtering (chat/messages/etc...) and only allowing the appid "reddit-base", not "reddit-posting". This worked at the time, and has stopped functio...

how to monitor PA firewall interface IP address using SNMP monitoring

Below KB don't contain OID 1.3.6.1.2.1.4.20 . I am looking for this OID (provides the addresses and the link to the interfaces you've sent through)to receive firewall interfaces IP address using snmp. https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaSCAS Please confirm if PANOS 10.0.7 or any PANOS can capable of sendi...

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels