This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4225 Views
  • 0 replies
  • 0 Likes

Web Activity Monitoring for BYOD School

Hello All... We are looking for a solution for a medium sized private school (k -12) to track users web activity. We'd want to be able to go back a week or so..nothing crazy. But would love to be able to get a report on a site\url and see what user visited that site and when. And of course, vice versa-- seek out a particular user and see what ...

Bind 2 separate IPSEC tunnels to separate ISPs

I am trying to setup a separate IPSEC tunnel to a new ISP while keeping the rest on the old ISP. I am doing this as a test. My issue is lack of connection. The message I get from the logs is that it try's the connection then I get another saying its deleting possible stale. Is there something I am missing? Both the IKE and Crypto are setup...

VPN Ipsec SitetoSite DynDNS

Good afternoon everyone, a question, is it possible to set up a Site-to-Site VPN between two sites with Dynamica IP, but that have each their FQDN with DynDns services.Example:Site 1: FQDN: mysite1.dynalias.net ( DynDNS )Site 2: FQDN: mysite2.dynalias.net ( DynDNS )Please can you help me and confirm exactly if this configuration is supported. Bo...

Metgatz by L4 Transporter
  • 4823 Views
  • 3 replies
  • 0 Likes

Resolved! VPN TWO Interconnected Sites Public IP DHCP ( DynDNS )

Good afternoon, I have some doubts regarding a configuration: Scenario: I have two sites that I have to configure with Site-to-Site VPN. Both sites have dynamic public IPs. In both of them DynDNS services are configured and operating. The sites with dynamic public IP, if in both sites I have Dynamic Public IP ( DHCP - DynDNS )In the "Local IP Ad...

None_Ip_Dhcp.JPG
Metgatz by L4 Transporter
  • 4536 Views
  • 3 replies
  • 0 Likes

Resolved! System logs stalling same time every day

On our PA3050 the system logs stall each day at 04:01 and then starts again at 20:00I have verified this happens in both GUI and CLINo scheduled jobs correlate with the timing of the logs stopping then startingI have checked show system logdb-quota and everything looks fineI have checked show system disk-space and we're fine on disk spaceI have ...

PatScott by L1 Bithead
  • 4792 Views
  • 3 replies
  • 0 Likes

The source port was natted to multiple source ports while the packets leaving the FW

Hello everyone The NAT type we are using is "Dynamic IP and Port", the Palo Alto Networks firewall translates the source IP address or range to a single IP address. for this conversion, when the packets arriving the FW, we can see the source port is all the same But while the packets leaving the FW, the source port was natted to multiple ports T...

DongQu_1-1625733192489.png
DongQu_0-1625733419236.png
DongQu by L2 Linker
  • 6703 Views
  • 5 replies
  • 0 Likes

log forwarding to CDL is generating high traffic volume

Dear community! We are sending logs to cortex data lake and we noticed high traffic volume for the sessions concerning log forwarding, with peaks up to 200GB of data sent. Do you know if this volume of traffic can be normal?Also, is there any documentation on how logs are being sent to CDL or how would you troubleshoot this issue? Thank you in ...

Carracido by L4 Transporter
  • 4626 Views
  • 5 replies
  • 0 Likes

VPN Site-to-Site FQDN peer ( Dyndns )

VPN Site-to-Site FQDN peer ( Dyndns ) Good afternoon, I am trying to set up a site to Site VPN using as PEER FQDN myvpnsite2.dynalias.net ( DynDNS ).Should I also use the Local and Peer identification parameters and settings or it is not necessary?Although the IP is dynamic ( IN BOTH SITES ), I am referencing the peer with a DYNDNS FQDN. Please...

FQDN_Dyndns.JPG
Metgatz by L4 Transporter
  • 4708 Views
  • 2 replies
  • 0 Likes

SIP Traffic - End Reason Resources Unavailable

We seem to have a lot of SIP traffic that is reporting a Session End Reason of "resources-unavailable". This traffic is hitting rules that don't even match. Please refer to attached screen capture. What could be the reason? Thanks for your assistance,

VPN Site-to-Site and Global Protect - DynDNS IP WAN DHCP

Hello, good afternoon everyone, I hope you are very well.I have a couple of questions, I hope you can clarify and help me. 1.- Is it feasible to create a Site-to-Site tunnel between two sites with DYNAMIC IP ? Example using DYNDNS, in both sites, is it feasible to set up a tunnel between these two sites, both with Dynamical IP ? 2.- Is it possib...

Metgatz by L4 Transporter
  • 3425 Views
  • 4 replies
  • 0 Likes

Resolved! Error: Failed to get policy objects: NO_MATCHES(Module: useridd)

Hi all, Just another day with PA3050s and came accross an odd error when trying to commit my changes as usual.I tried to resolve it doing > debug software restart process management-server but it did not help. I am scratching my head to understand what is going wrong? Has anyone had a similar experience? I persistently getting this error : Er...

Resolved! MGMT interface ip address

Hello, is that possible to use for the MGMT interface IP address from a VLAN that configured in one of the data plane interfaces? For example:Eth1/1.100: IP 192.168.1.1/24 Mgmt interface IP: 192.168.1.254/24DG: 192.168.1.1 Thanks,

hasansh by L0 Member
  • 3087 Views
  • 1 replies
  • 0 Likes

DynDNS Certificate

Good afternoon, I am trying to configure DynDNS on the Palo Alto machine.In the steps it talks about using a certification profile, and in the Palo Alto instructions, it talks about importing the SSL certificate from the DDNS provider. My question is how and from where do I get the certificate, I consulted with the provider and they do not under...

Metgatz by L4 Transporter
  • 5023 Views
  • 1 replies
  • 0 Likes

Redundancy VPN between two sites with two ISP

HELLO ALLWe have two PA devices.(850 and 500).They are located in different sites.Both firewalls have two connections to Internet via 2 different ISPsWe want to make Site to Site VPN between these sites.But make it redundant.Two VPN connections between sites through different ISPsI can not find any manual how one can configure this schemaPlease ...

Radmin_85 by L4 Transporter
  • 8217 Views
  • 5 replies
  • 0 Likes
  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks