This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4224 Views
  • 0 replies
  • 0 Likes

bgp troubleshooting

Hi I'm having issues with bgp routes not propagating I know that I can click on view routes under the virtual router section, but was wondering if I could see the bgp errors in syslog, doesn't seem like I know the search string if that is possible, or if I have to run the debug command at the CLI.

mpugina by L0 Member
  • 11344 Views
  • 1 replies
  • 0 Likes

PA default interface state

Hello community 🙂I've been searching but couldn't find an answer so:What is the default interface state (out of the box firewall)? Is it forwarding L2 packets? Can I create a L2 loop by connecting two interfaces between FW & a switch?

PANOS 10.x - share interface in Multi-vSYS mode

Hello All, We are working on a design to move Cisco ASAs firewalls into PA 5260 with Multi-vSys mode enabled, so each Cisco ASA is a separate vSys. While everything else looks like nice and easy-to-convert, we have problems with shared interface. In Cisco world multicontext ASA might have interface in same VLAN X and SUBNET Y on each context ea...

Problem reaching MGMT by vpn

HelloA few days ago we upgraded from version 9.0.10 to 9.0.14, after that we lost the management from the VPN S2S, everything is fine , however, in the connections we see that there is no response from the Firewall to our queries. In the monitor we only saw the incomplete application and in the packet captures we only saw the SYN and retransmiss...

Resolved! Palo Alto Apps / Hub unreachable for days

I've been trying to access the Apps hub (https://apps.paloaltonetworks.com/) for days now and I keep getting this error:{"statusCode":500,"error":"Internal Server Error","message":"An internal server error occurred"}Is there any ETA when this issue will be resolved?

Replace firewall order

I have a question about upgrading a firewall to new model. I've done it in the past but always seem to forget the order. I have a firewall that is managed by Panorama, with some local policies also. I have downloaded the device state from the existing firewall. I have also added the serial number of new firewall to Panorama but I have not con...

ce1028 by L4 Transporter
  • 3818 Views
  • 4 replies
  • 0 Likes

Disk-Space issue

Hi Team,We are using PA-3020 and the disk space is usually used upto 95% and we have enabled agressive cleaning as well as we do manual cleaning once a week where the disk-space utilisation is below 95% and in a week it gets utilised upto 95%.we need to upgrade the firewall to 9.1 platform whether we will face the same issue.

HTTP2 allowed without strip alpn enable

Dear Team One of my customers wants HTTP2 benefits with decryption enable.The customer don't want to enable the strip ALPN because it Downgrades to HTTP1.1 Can we do decryption with HTTP2 Downgrade with decryption?

Logged in Admins _cliuser normal?

Hi there, Today I accidentally discovered the user _cliuser in the widget Logged in Admins on the dashboard of our Palo Alto Firewall. After a few seconds it was gone.Unfortunately, I didn't find anything through the search, and seeing this for the first time, I'm confused.Is that normal? Thank you.

kenanuenal_0-1633340167871.png

Layer 2 tunnel on a Palo alto

Can you create a layer 2 tunnel on a palo alto 3050? Is a layer 3 tunnel better than a layer 2 tunnel? Is a layer 2 tunnel more of a private or direction connection than a layer 3?

jdprovine by L4 Transporter
  • 7732 Views
  • 3 replies
  • 0 Likes

Experience/feedback with VLAN insertion design for East-West traffic segregation

Experience/feedback with VLAN insertion design for East-West traffic segregation We are planning to leverage the VLAN insertion design for achieving micro segmentation in out OT network. just thought of checking within the Live community team for any feedback, caveats based on your experience with similar implemetation. Thank you. https://www....

PratheeshP_0-1633468112522.jpeg

routed interfaces in vsys1 and virtual wire config in vsys2 possible ?

Hi all, I've not found a conclusive answer in the config guide - although it stands to reason to assume the answer is "yes".In a multi vsys environment can I have a regular deployment in vsys1 (i.e. routed interfaces acting as DGW for my secured vlans) and a bump_in_the wire (vwire) deployment in vsys2 on two dedicated interfaces?Thanks in advan...

VLAN Insertion and subinterface - VLAN1

Hi, I'm new to the community and am trying to assist a customer as they work on a PAN and SW integration for an industrial setup. Customer has setup a L2 network between different industrial devices that seat in different VLANs and are all connected through a L2 HPE Switch. This switch has all 3-4 VLAN's in a trunk to a Palo Alto firewall using ...

Resolved! Delete Vsys

Any advice on deleting a vsys? 7050 OS 9.0.11 Simple as selecting vsys under Device Tab and deleting? Thanks

clewis1 by L3 Networker
  • 6297 Views
  • 6 replies
  • 0 Likes

Regarding threat visibility not being shown.

We have deployed Palo Alto in tap mode to get traffic visibility, we have configured PA VM 100 with active trial license, We have visibility of Traffic logs but the threat logs are not visible. In policy configuration for tap mode we also have assigned threat profile.

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks