General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Ensuring a Safe and Secure Community: How You Can Help

 

Dear LIVEcommunity Members,

 

Ensuring a top-tier experience on LIVEcommunity and protecting our members’ safety and security is our top priority! To this end, we have implemented additional security measures to safeguard our vibrant global commun

...

safe-community_oct24.jpg
report-content.jpg
jforsythe by Community Team Member
  • 271 Views
  • 0 replies
  • 1 Likes

User ID v. UPN

We are moving to Office 365 and standardizing on UPN for identification.  This required that we create a new UPN suffix for our AD domain.  We decided to have our UPN match our email address format.  Below are samples of each attribute format: 

 

FQDN

...

mchaffin by L0 Member
  • 5014 Views
  • 2 replies
  • 0 Likes

Resolved! Palo Alto 7000 heartbeat backup icmp fail

Hello to All,

 

 

From time to time the ICMP fails for the management connection between two firewalls model 7000 with 8.1.x version. The issue causes a failover but the 7000 firewalls have dedicated interfaces for HA and the management should be used o

...

Resolved! M200 raid disk pair status stucked at 0%

To enable the disk A ,we have run the below command

request system raid add A1
and after 5 min run below command :
request system raid add A2

 But disk is not enabled. Status is stuck at 0% since last 6 hours.

 

How we can resolve this issue ?

Deepak_K_0-1612969567576.png
Deepak_K by L3 Networker
  • 2722 Views
  • 2 replies
  • 0 Likes

Resolved! GlobalProtect clients experiencing latency delays

Hello,

 

Clients who are connected via GlobalProtect VPN are experiencing slowness with all their traffic traversing the VPN (ie.. Internet and Server access traffic).

The latency is between 200-400ms for all the traffic regardless of whether its Intern

...

Farzana by L4 Transporter
  • 12548 Views
  • 12 replies
  • 0 Likes

AE Interface down during failover

We recently had a failover event during a normal upgrade of the firewall (10.0.1 -> 10.0.4). The LACP aggregate interface on the Cisco switch / Firewall did not come up during this time, which resulted in a longer than expected outage. Powered down f

...

Service route in panorama.

Dear Team,

 

I have two interfaces configured in my panorama:

1-management interface

2 -ethernet1/1.

 

for software and dynamic updates by default, my traffic is going via management interface. I want to change the service route through ethernet1/1 but I a

...

Jafar_Hussain_0-1593346305511.png

Resolved! Study tip for PCNSA.

Hello everyone,

 

I spent a year working directly with Palo Alto firewall and I would like to get some certifications, but all video content I find is purely in English and I still don't have a command of the language.

 

Did they have any text material t

...

Amaro123 by L2 Linker
  • 3344 Views
  • 2 replies
  • 1 Likes

Resolved! Policy Based Forwarding

Hi All,

 

I have a  guest wifi vlan 10.25.x.x that needs to be routed out to a second ISP.  

 

AP-->WLC--Palo Alto FW-->MPLS/VPLS-Router-->L3Switch-->ISP

 

The vlan will each have a sub-interface and gateway 10.25.x.1 assigned on firewall in its own guest

...

MistryJa by L1 Bithead
  • 2730 Views
  • 2 replies
  • 0 Likes

OKTA SAML panorama authentication?

Trying to get this working and I am able to authenticate using OKTA SAML  via the button on the login screen but when I do (after entering u/p on the OKTA page) it redirects me back to the Panorama login page.  I see PAN_AUTH_SCUESS SAML on the CLI b

...

drewdown by L4 Transporter
  • 4164 Views
  • 5 replies
  • 0 Likes

Resolved! 1:1 destination nat mapping

Hi everybody,

 

  does anybody know if it is possible to write a single destination NAT policy in order to map ip addresses from a given range/network to a corresponding range/network of the same size preserving the host portion of the address? I try t

...

grenzi by L3 Networker
  • 5126 Views
  • 3 replies
  • 0 Likes
  • 23639 Posts
  • 107 Subscriptions
Top Liked Authors
Labels