This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4221 Views
  • 0 replies
  • 0 Likes

invalid syntax delete rulebase security rules (rulename)

Hello There, I am running PA-OS 8.1.19. i attempt to delete a security policy via CLI, However, I get an error of Invalid Syntax. Does anyone know what did i miss.i looked at several docs and all indicate i am using a correct CLI command Login to the PAN via console (serial) PAN>configurePAN#delete rulebase security rules LANInvalid Syntax.[e...

KurdTech by L1 Bithead
  • 5580 Views
  • 6 replies
  • 0 Likes

Static Redistribution to BGP

Hi All, I need some help/advice as I am unable to achieve the wanted results.Scenario: a) I have 2 PA firewalls sitting on separate DC operating independently.b) I would like to add a static route on PA (DC1) and as long as the path monitoring for that IP is up the route should be added to the redistribution to BGP which is controlled using a pr...

kanes39 by L1 Bithead
  • 2637 Views
  • 1 replies
  • 0 Likes

GlobalProtect icon disappears from taskbar in Windows 10?

We're having a problem with GP 4.0.6 and 4.1.1 clients on Windows 10 where the icon dissapears from the task bar. It doesn't happen all the time, but when it does it causes a fair amount of user frustration. With the 4.0.6 client, I could search for global protect and bring up the connect window. With 4.1.1, I have to kill the the GlobalProtect ...

uvdes by L2 Linker
  • 22554 Views
  • 6 replies
  • 0 Likes

Resolved! How to determine if high dataplane is an issue

Our Data plane CPU usage is constantly on or above 90%. We have a PA PA-3020. PANOS 9.1.6 It is usually High only during business hours and after hours it is back to normal.It has not affected the firewall performance and any traffic yet.However we are worried what could be causing it and how can we optimize it.We have followed this KB article...

Resolved! API or cli Request App-id in which App Group?

Is there a way to see which application is in which app group using the API or CLI? I can do a config-output-format set and then show the entire config- but that isn't efficient. Without using the GUI, is there a good way to see what app-ids are in a group if you know the name of the group?

Sec101 by L4 Transporter
  • 5815 Views
  • 5 replies
  • 0 Likes

Management interface routing

I'm working on isolating the management interface onto its own network. The firewall will be the router for this traffic and the network switch it connects to will be L2 only. If my management IP is 10.10.20.10/24 and the gateway is 10.10.20.1 where do I configure the gateway address 10.10.20.1 on the firewall? Is this created as part of the man...

Phase 2 tunnel status

Please excuse me as I am still learning and am relatively inexperienced. I assume the phase 2 status can be red for following reasons (assuming IKE phase 1 is all correct and working) Authentication, Encryption, DH settings being incorrect/mismatched or lifetime expiring. Are there any other reasons it would be red perhaps to do with remote or l...

ipsec tunnel status.jpg

FW in Palo IP changed

Hello -I have an HA pair of palo's that were added to Panorama. The management IP for each of those palo's has changed and are now showing in a disconnected state. How can I correct this? Thanks in advance.

require admin users being member of LDAP groups

HelloWe are using LDAP for authentication of the admin users (for Panorama as well as the firewall nodes).Is it possible to adjust this, enforcing the user being a member of a specific AD group?Last info found was regarding PAN-OS 8.1 (https://live.paloaltonetworks.com/t5/general-topics/add-ldap-group-as-administrator/td-p/260754). Here the outc...

Setup VPN Global Protect DynDNS

Setup VPN Global Protect DynDNS Dear community:Good afternoon, is it feasible to be able to configure VPN access with Global Protect, on a Palo Alto with the following scenario:Palo Alto with:-Public IP Dynamically ( DHCP )-Firewall configured with the DynDNS service.-FQDN provided by DynDNS ( vpnaccessgprotect.dynalias.net ) Please confirm if t...

Metgatz by L4 Transporter
  • 4735 Views
  • 4 replies
  • 0 Likes

wildcard fqdn for destination in security policy. FQDN for  abc*.def.com

Team , I have a question about something that I guess is not possible to configure but will like to confirm if possible . My client want to allow Internal NW 10.0.0.0/8 to FQDN abc1.def.com port HTTPS , this is normal and I have a few of this rules already implemented. Now the question is , is possible to create a FQDN for abc*.def.com?, a wil...

Resolved! Captive Portal w/2FA in Azure

Hi All -Hopefully I make this clear. What I'm looking to do is set up Captive Portal with a push notification in Azure AD. I can't seem to find any documentation around this, can someone give me the general steps or point me to existing documentation? Thanks in advance.

Specific Action change on Individual Signature

Hi Experts,We've configured a Vulnerability profile with the Action of Default. For the Windows Print night mare vulnerability (Version ID: 8424, signature ID:91333) and the CVE ID: CVE-2021-1675 I see the default action is marked as 'Alert' which will allow the traffic.I am trying to change the action of an specific Vulnerability signature from...

URL filtering

I have one query it is necessary to add a URL Category to add in URL Filtering Profile or I can add a separate URL category in the Security policy without adding any URL filtering Profile.for example, I Create a URL Category name test which having some testing site then after I create a Policy to LAN (INSIDE) to WAN (OUTSIDE) add some users and ...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks