This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4443 Views
  • 0 replies
  • 0 Likes

Resolved! Retention period for traffic logs on Panorama

Hello Experts What is the rention period for traffic logs on Panorama, I mean how many days it will keep the traffic logs from firewall. Actually I need to do the harden the security rules by looking the traffic logs.

ghostrider by L4 Transporter
  • 32743 Views
  • 12 replies
  • 0 Likes

Anti-Spyware Behaviour and Inline Cloud Analysis

Hello All, I have run into some curious behaviour with Anti-Spyware. High severity threats tagged as threat type 'spyware' are coming through the firewall with an action of alert, despite all configurations pointing to an action that should either be reset-both, or sinkhole. I have confirmed the following: The security policy rule that m...

nohash4u by L3 Networker
  • 3236 Views
  • 6 replies
  • 0 Likes

Redundancy for Global protect VPN

Dear Friends, We have a customer who is Currently configured with GP- Global Protect for VPN is connecting with ISP-1, one Public IP / One ISP-Internet Service Provider. Requirement is, can we configure as backup or as redundant with another ISP-2 ? Purpose : Once One ISP is down, then GP- Global Protect users will not disconnect from remote...

Resolved! Undetected APP dependency?

Hi. So we ran into an issue and we're not sure if there's a missing app dependency in the Palo Alto db or if we're missing something. What happened was, we migrated one Policy from port to APP-based. On the Apps seen it only had one detected app (let's call it app1) with no new apps seen for a long time. This rule is being hit regularly by tr...

mR00t_s5 by L2 Linker
  • 1540 Views
  • 2 replies
  • 0 Likes

Migrate Fortinet to palo alto

Hello, We are planning to migrate from a Fortinet firewall to a Palo Alto Networks firewall. As this is my first time handling such a migration, I would greatly appreciate guidance from an expert on the step-by-step actions required. NGFW

Resolved! HA active/active dual ISP load balancing

Hi all, I am considering network design that have: - Dual ISP (public IP /29 for each) - 2 x PA with active/active HA - PA connects directly to L2 networks (LAN) Requires: Load sharing between 2 ISP Internet links Problems: Is it possible to configure separated nat for each? How session can failover to remaining PA? Do I need Floating IP for...

nw-rogox by L0 Member
  • 8174 Views
  • 4 replies
  • 0 Likes

Resolved! Is the Cloud Identity Engine required for filtering by Group when using Entra without LDAP?

I feel like I've read every document on this forum but I can't seem to find a solid answer to this question. I'm sure someone will link 4 other posts..... 🤦‍♂️ I am using SAML Auth to Entra for GlobalProtect. I can auth to the Portal if I specify the user directly (using domain.com\username - username@domain.com does not work). I can also ...

KSaucier_0-1748887583212.png

Shutting down/disabling subinterfaces

I am very new to the PANOS world so I will apologize in advance if this is obvious, however my search of documentation and knowledebase did not yield anything. I have been looking for a way to administratively shut down sub interfaces. Is this possible? While it's easy enough to shutdown a physical interface by assigning it's link-state we're no...

scourge by Not applicable
  • 35162 Views
  • 15 replies
  • 0 Likes

Join RQL query throwing Failed to execute RQL search . Illegal Argument

Hello team, I am trying to execute the below join query in achieve the below output- 1. Only Service accounts that has have elevated roles (e.g., roles/owner, roles/editor) 2. Service accounts that have atleast one user-managed key config from cloud.resource where cloud.type = 'gcp' AND api.name = 'gcloud-projects-get-iam-user' AND json.rule =...

Thoughts and experience with the Prisma secure browser

Hello Community, I'm looking for general feedback on those who have or had used the secure browser for DLP. Things that work well, things that didnt, etc. Just looking for non sales honesty on it. The purpose of its use would be to use the DLP feature when users utilize AI prompts etc. To help prevent PII or PHI leakage. Thanks in advance!

Resolved! Clone a Device Group?

Hi Guys, I have Panorama with a few device groups; how do I clone one of them from GUI so I can do testing without impacting a production device group? Thanks

tinhnho by L3 Networker
  • 11268 Views
  • 5 replies
  • 0 Likes

Resolved! PA-200 Stuck in Maintenance Mode, attempting factory reset

I'm attempting to factory reset a PA 200 that was on the spares shelf. The unit appears to be stuck in Miantenance mode, every reboot command boots in maintenance mode. I attempted to execute the factory reset and the message I get is: "No current image found, please use advanced options" So I click on advanced options and it asks for a pa...

Resolved! Redistribution UIA not working...... INTERNAL ERROR

Hi, I configured a PA in order to redistribute UIA mappings to another FWs. All the config is OK but its not working. I can see this in the FW redistributing: (active)> show redistribution service status Redistribution info:Redistribution service: downReason: internal error i tried to restart process UIA MGMTServer.... any idea about ...

BigPalo by L4 Transporter
  • 2275 Views
  • 3 replies
  • 0 Likes
  • 24375 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks