This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4105 Views
  • 0 replies
  • 0 Likes

Resolved! Destination NAT Error

Hello All, Doing an destination Nat but getting below Error. Could anyone please help me. Also pls find below my nat rule Please note : Ethernet 1/1 is my Outside Interface

vishal_07_2-1627031851196.png
vishal_07_3-1627032032760.png
vishal_07_4-1627032054212.png

Exception Handling in Palo Alto Support Page 7/22/2021

Hello Palo Alto Team, I would like to bring this up with you. I noticed that your support page went down today 7/22/2021 and that is fine. What worries me is the way your system handles exception. I think you are exposing to much that end user like myself has no business reading. 1. No connection could be made because the target machine actively...

NAT SDWAN

Hello,My Name is Dwi. I have case with SD-WAN configuration.I have 2 ISP DIA provider, and i want to combine 2 ISP provider in to single logical SD-WAN for Load Balancing Internet Traffic.the Palo Alto device is under NAT, please help me to configure NAT in SD-WAN ? thanks very much.

dwinur by L0 Member
  • 4571 Views
  • 3 replies
  • 0 Likes

Using GlobalProtect , ExpressVPN and Remote desktop

Dear All, I am pondering following scenarios: 1- I connect to Server "S" using GlobalProtect on my Computer "A". Now Assume i do not have access to computer "A" physically because i have moved to another city. I want to access computer "A" from another computer "B" using remote desktop sharing. My question is the connection between "A" and "B" g...

shaukafa by L0 Member
  • 4413 Views
  • 1 replies
  • 0 Likes

Resolved! Always On Global Protect VPN

When I am looking at GP Gateway Users I see some USERs withID prelogin and others where USER matches the COMPUTER namefield. Any idea why I might see one or the other? I am using certificateauthentication.

MichaelMedwid_0-1626972848253.png

Why does URL Filtering Profile with a custom URL Category assigned require the same custom URL category assigned in a security rule to work?

Hi all, Pardon me for the lengthy title. Here is the layout of what I am working with:😅I am currently running PAN-3020 on PAN-OS 9.0.13I do not have a URL filtering licence I do not yet do decryption (long story).Security rules are any/any for testing this. I have been tinkering with custom URL categories and filtering profiles. I have got wh...

inter-vsys vs shared virtual router

Hi all It seems like 1 virtual router can be shared by multiple vsys Reading uphttps://knowledgebase.paloaltonetworks.com/servlet/fileField?entityId=ka10g000000UADEAA4&field=Attachment_1__Body__s1 VSYS can have all multiple VR’s as well as multiple VSYS can share the same VR https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/virtual-s...

iFAST-SG by L0 Member
  • 5098 Views
  • 1 replies
  • 0 Likes

Resolved! techsupport file info

Does anyone know if you can see session tables in the tech support file? Trying to troubleshoot a session sync issue and wondering if I can go back and look at the table when the TS file was created.ThanksJoe

jdemares by L1 Bithead
  • 2672 Views
  • 1 replies
  • 0 Likes

ECMP and PBF not work

we have a PA-820 with dual ISP internet (ethernet 2, ethernet 3) and ECMP. all PC 10.1.0.0/16 can load balancing through 2 Internet connection.If I use PBF so PC 10.1.3.250 only go out through ISP 2( ethernet 3), I see this PC cant connect to Internet any more. It seem ECMP cant work with PBF, is there any way to do this ? this is PBF rule

test pbf.PNG
duyennv by L0 Member
  • 2298 Views
  • 1 replies
  • 0 Likes

Resolved! BGP on PanOS: allow route with own as number in as-path

hi,i am new to panos and have problems in allowing a route with its own as number in as-path incoming from a peer. looks like the route is not accepted as a loop prevention but it is just the fact that the as number is used twice as two companies connect together with private as numbers. what do i have to do in order to accept the route like all...

daniel by L0 Member
  • 4815 Views
  • 1 replies
  • 0 Likes

10.0 user-id agent ignore_user_list not working

Since upgrading to pan os 10.0.6, we've noticed the "ignore_user_list" on our server user-id agents doesn't seem to be working. We did not have any issues prior to upgrading to 10.0.x. Has anyone else noticed this issue? We upgraded our user-id agent to 10.0.3-10 (latest version) at the same time. We have a support ticket open, but have yet ...

jmurphy by L2 Linker
  • 2474 Views
  • 1 replies
  • 0 Likes

Http traffic to https

Hi Guys Can we redirect someone trying to access http://www.xxx.com to https://www.xxx.com ( port 80 to 443 ) ?If we are using Dest NAT for https://www.xxx.com ? Thanks

i_maddy by L0 Member
  • 2418 Views
  • 1 replies
  • 0 Likes

Resolved! Assign multiple netflow profile to an interface

Hi AllWe have multiple netflow servers in the environment and i want to configure palo alto firewall interface with multiple netflow server profiles. I have already one netflow server profile attached to my Layer3 interfaces and now i want to configure another netflow server profile and attach to these interface but don't know how to do it. Is i...

Resolved! GlobalProtect uninstall problem

Hi,Our user have a problem with GlobalProtect client on a computer running Windows 8. Client was behaving very unpredictable (constantly connecting and disconnecting from the VPN), so it is uninstalled (from Control Panel\Programs\Programs and Features - Uninstall a program).Now, when attempting to install the new GP client he getsHe rebooted th...

Decrypt GlobalProtect traffic

Hi Guys!I have a GlobalProtect (IPSec) configuration with an external gateway, all remote user traffic goes through the vpn tunnel, to which I apply decrypt policies for this traffic.The problem is that in applications like "teams", it is not possible to share screen, send messages, etc. while connected to GP.When I disable the Decrypt rules, ev...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks