This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4440 Views
  • 0 replies
  • 0 Likes

Logged in Admins _cliuser normal?

Hi there, Today I accidentally discovered the user _cliuser in the widget Logged in Admins on the dashboard of our Palo Alto Firewall. After a few seconds it was gone.Unfortunately, I didn't find anything through the search, and seeing this for the first time, I'm confused.Is that normal? Thank you.

kenanuenal_0-1633340167871.png

Layer 2 tunnel on a Palo alto

Can you create a layer 2 tunnel on a palo alto 3050? Is a layer 3 tunnel better than a layer 2 tunnel? Is a layer 2 tunnel more of a private or direction connection than a layer 3?

jdprovine by L4 Transporter
  • 7791 Views
  • 3 replies
  • 0 Likes

Experience/feedback with VLAN insertion design for East-West traffic segregation

Experience/feedback with VLAN insertion design for East-West traffic segregation We are planning to leverage the VLAN insertion design for achieving micro segmentation in out OT network. just thought of checking within the Live community team for any feedback, caveats based on your experience with similar implemetation. Thank you. https://www....

PratheeshP_0-1633468112522.jpeg

routed interfaces in vsys1 and virtual wire config in vsys2 possible ?

Hi all, I've not found a conclusive answer in the config guide - although it stands to reason to assume the answer is "yes".In a multi vsys environment can I have a regular deployment in vsys1 (i.e. routed interfaces acting as DGW for my secured vlans) and a bump_in_the wire (vwire) deployment in vsys2 on two dedicated interfaces?Thanks in advan...

VLAN Insertion and subinterface - VLAN1

Hi, I'm new to the community and am trying to assist a customer as they work on a PAN and SW integration for an industrial setup. Customer has setup a L2 network between different industrial devices that seat in different VLANs and are all connected through a L2 HPE Switch. This switch has all 3-4 VLAN's in a trunk to a Palo Alto firewall using ...

Resolved! Delete Vsys

Any advice on deleting a vsys? 7050 OS 9.0.11 Simple as selecting vsys under Device Tab and deleting? Thanks

clewis1 by L3 Networker
  • 6385 Views
  • 6 replies
  • 0 Likes

Regarding threat visibility not being shown.

We have deployed Palo Alto in tap mode to get traffic visibility, we have configured PA VM 100 with active trial license, We have visibility of Traffic logs but the threat logs are not visible. In policy configuration for tap mode we also have assigned threat profile.

Users and group mapping

Hello everybody!Sometimes users' group memberships are not recognized by the firewall integrated user id agent. In the useridd.log we see this message:2019-03-29 10:12:45.317 +0100 Warning: pan_user_group_user_prime_uid_lookup(pan_user_group_multi_attr.c:1314): For tierkonet\adisfo user, domain tierkonet does not exist in group-mappingIt says th...

Help needed for odd situation: Expired licenses interfering with commit?

Here's my situation: We were planning a new firewall installation, but that got some major delays after the start of the pandemic. Now I've noticed that we no longer have a support contract for our PA-5050 cluster (no doubt not renewed because we expected the new installation to be online by now). I wouldn't be too concerned, since we could prob...

mds by L0 Member
  • 2695 Views
  • 1 replies
  • 0 Likes

Resolved! Policy base routing for internal trafique

Hello everyone, I have two ISPs wan1 and wan2, for lan 1 it must go out through wan1 and lan2 through wan2. in the event of a problem with one of the wans, the associated lan will have to exit through the other wan temporarily. To do this, configure them two default routes with different metrics: 0.0.0.0/0 =wan 1 with metric of 10 0.0.0.0/0 = wa...

Capture.PNG

PA-3020 - Error: Threat database handler failed - Commit failed

Hi,Our Palo Alto has been rock solid for years, but last friday we realized we are unable to commit changes. We're pretty sure it started happening with the release of content package version 8462-6955. We hoped this was a one-off and the next upgrade would solve the issue. But all further upgrades have failed & we still can't commit chang...

dmetcalfe_0-1633077153050.png
dmetcalfe_2-1633077302969.png
dmetcalfe_3-1633077547586.png

One IPSec SA Stops Passing Traffic

I have a B2B tunnel with a business partner. There are 22 proxies, all defined host-to-host. The VPN peer is a Cisco firewall, I'm not sure of the model. Phase 2 lifetime is 8 hours. One particular SA stops sending and receiving traffic at each Phase 2 re-negotiation. When this happens the SA shows active on my PA-3250, PAN-OS 9.1.10 and on...

pnelson by L2 Linker
  • 4782 Views
  • 3 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks