This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4112 Views
  • 0 replies
  • 0 Likes

PA-220 HA - License Required?

I intend to purchase two new PA-220s in my company and want to set them up in a high available configuration in case one dies. Is there a license that's required? Sorry.. very new to PA and just trying to learn.

Jack45 by L1 Bithead
  • 5041 Views
  • 3 replies
  • 0 Likes

Alert for static route failure.

I have a PA 3220 with two static routes, the two routes have different AD, Path monitoring has been configured in first static route with premtion enabled, my query is that can we generate email alert for the primary route down and secondary route down given that no Path monitoring has been configured for the second route in PA.

A very weird issue

I have LinuxA (redhat 6.10) and LinuxB (CentOS 7.9) sitting in ZoneA accessing LinuxC (Ubuntu 20.x) sitting in ZoneB on http port without any NAT, jut routing and we have firewall rule to allow tcp port 80 (application ANY) for LinuxA and LinuB to communicate with LinuxC on tcp port 80. The PAN firewall is PA-5250 running PANOS 9.1.10 From Linu...

dtran by L4 Transporter
  • 2965 Views
  • 2 replies
  • 0 Likes

Resolved! zone protecton reconnaissance not capturing obvious threat

Hello, We are in the initial stages of setting up zone protection renaissance, and still playing with threshold and event values (currently set to 30sec, 5event). I am also set to block the IP, for a small amount time, as we continue to adjust and become more stringent. I noticed within the Traffic Log the following: From Traffic Log As you ca...

Sherm_0-1631902886853.png
Sherm_1-1631903470957.png
Sherm by L1 Bithead
  • 5794 Views
  • 5 replies
  • 0 Likes

Found a bug?

Earlier I posted and asked if there were any technical considerations for renaming a DG. I decided to rename two of them and validate on Panorama to see if it through any errors, it didn't, but I reverted anyway because I hadn't put in a change notification. When I reverted back I thought everything was fine and I guess it is except for Panora...

Internet Traffic

Hi Community, This is my first message and hope I am in the right place. I am tasked with taking our single internet connection (4Gbps) and carve in two lanes. One lane will service normal traffic; internet, vpn, remote access, telephony, etc. The second lane would be dedicated to send backups data to the cloud. I'd like to take a 75/25 approa...

Resolved! S2S VPN between PA-3020 and Cisco ASA 5525

Hi All, 1st Post so hopefully i'm doing this correctly. I am trying to setup a VPN tunnel to a 3rd Party. We have a PA-3020 and they have a Cisco ASA. They do have another Cisco in-between both our devices which is performing NAT. Hence we have enabled NAT-T. The main issue I am having is that the tunnel is not coming up. The error message I get...

CPS doesn't work

Documentation says we should measure CPS for creating baseline. I have done this for last 20 days collecting CLI output every 3 seconds and have Panorama data to back it up. Below is last 7 days data, CPS never peaked beyond 20K and on average is below 4K.Using Syn-Cookie Max Threshold is 35K and activate as Zero. So it should start dropping pac...

image.png
raji_toor by L4 Transporter
  • 5641 Views
  • 5 replies
  • 0 Likes

Resolved! Scripting offline updates.

I would REALLY like to find a way to automate offline dynamic updates. I’ve been trying to script the process with a bat file and plink. I can get it to login with SSH but nothing after that. I found a post, link below, on here from about 5 years ago, that suggests what I’m trying to do may not be possible. Hopefully something has changed. ...

Bad_Goat by L1 Bithead
  • 7676 Views
  • 7 replies
  • 0 Likes

GlobalProtect Portal - No certificate profile configured, but prompt for certificate

Hi Community,I got a strange problem and want to hear, if someone got the same.We got a Panorama managed PA-3220 PAN-OS 8.1.7 with GlobalProtect portal, external gateway (which share the same IP) and an internal gateway.The external gateway got a certificate profile defined, the portal not.If I open the Webpage, the Portal prompts for a certific...

Chacko42 by L4 Transporter
  • 10405 Views
  • 5 replies
  • 0 Likes

ha2 keep alive

Hi,I am getting the below message ,there is no specific interval (around 30 min) it countinously happens from three days .What is the action need to be taken HA Group 1: Local HA2 keep-alive up04/15 14:57:47HA Group 1: All HA2 keep-alives are down04/15 14:57:39HA Group 1: Local HA2 keep-alive down04/15 14:57:39 How do i begin the troubleshoo...

simsim by L4 Transporter
  • 18921 Views
  • 16 replies
  • 0 Likes

Convert VM-Series Perpetual to Flexible License (Credits)

Hi All, I have a number of VM-Series perpetual licenses with subscriptions that are due for renewal and would like to migrate to flexible licensing so I can purchase credits to add new subscriptions. I've found the process to do this as follows however I'm looking to understand what happens to the perpetual license entitlement that I have for VM...

Resolved! PAN-OS for the PA3020

Hi All, We have a range of PAN models and try to upgrade them all to 10.0.7 but find out the PAN 3020 does not have 10.0.7 available yet.Either in CSP web site or software update on the firewall. Do i miss a step somewhere ?Please help.ThanksLeQ

Qui by L2 Linker
  • 6215 Views
  • 4 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks