This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4113 Views
  • 0 replies
  • 0 Likes

Resolved! Custom app-id with regex for alphanumeric that limits to 10 characters

Am trying to create an app id that identifies a particular pattern that only be 10 characters long and must be alphanumeric, had tried various syntax but seems not to be accepted as a correct pattern with the message that the expression is not at least 7 bytes. Anyone whom have such experiences can share the the correct expression syntax? Thank...

chtoh82 by L2 Linker
  • 7696 Views
  • 6 replies
  • 0 Likes

Multicast, who accessed??

I have tested multicast to be working and is configured as in this diagram. In the logs I see traffic from SERVER zone to Multicast zone. But there is no log on INTERNAL client that accessed the multicast stream.

image.png
raji_toor by L4 Transporter
  • 3401 Views
  • 5 replies
  • 0 Likes

Resolved! New install of Minemeld: Timeout errors

I've been beating my head against the wall over the past week trying to get an instance of Minemeld to work on both Ubuntu Server 16.04 as well as within a Docker container running on Ubuntu Server 20.04 LTS. I've followed the below guides verbatim, and get the same problems with both:16.04 Guide: https://live.paloaltonetworks.com/t5/minemeld-...

Cisco CAPWAP AP stuck in Discovery

Hi All, Has anyone had problems with CAPWAP AP's separated from the WLC by a PA-220 firewall get stuck in a DISCOVERY OperationState? >show capwap client rcbAdminState : ADMIN_ENABLEDOperationState : DISCOVERYName : ***SwVer : 8.5.151.0HwVer : 1.0.0.0MwarApMgrIp : 10.1.1.2MwarName : CISCO-LWAPP-CONTROLLERMwarHwVer : 0.0.0.0Location : ***ApMod...

KevinJB by L1 Bithead
  • 15785 Views
  • 6 replies
  • 0 Likes

NPTv6 seems bugged (PAN-OS 9.1.9)

Hi,we're running into an issue with IPv6 NPTv6 which we use to route traffic through IPS on PA.The address isn't translated as expected.We tried NPTv6 in 2 configurations, both translate the same. We either used:xxxx:xxxx:xxxx:ffe0::/60 -> xxxx:xxxx:xxxx:fff0::/60orxxxx:xxxx:xxxx:ffe3::/64 -> xxxx:xxxx:xxxx:fff3::/64In both cases we sent t...

Freaky by L0 Member
  • 2875 Views
  • 3 replies
  • 0 Likes

Knowledge sharing: Palo Alto checking for drops (rejects ,discards), slowness (latency) and counters using captures, global counters, flow basic etc.

Hello To All, I will create a short summary about how to do basic checks if the palo alto drops or slows down the traffic. 1. First the pcap capture on the drop stage will show if the firewall drops the traffic and after that we check why the firewall drops the traffic. If the issue is slowness doing a pcap capture in transmit and receive stat...

NikolayDimitrov_0-1619596411072.png

User-ID not populating after Microsoft patching - Warning

Hello All, Just wanted to post this in case anyone else ran into it. Microsoft release patches as they normally do, however there is one that might break user-id, June 8, 2021—KB5003671 (Monthly Rollup). There is a warning in the notes: After installing this or later updates, apps accessing event logs on remote devices might be unable to conn...

Using Authentication Policy and GlobalProtect with AAD SAML to prompt MFA authentication for Admin access to resources

We have new requirements to require MFA for administrative access to just about everything and have to put into place in very short order. “In addition to remote access, multi-factor authentication is required for the following, including such access provided to 3rd party service providers:1 All internal & remote admin access to directory se...

Split Tunnel Routing Config Help

Looking for some help on split tunneling.We are on PAN os 9.1.9 GP client 5.26, for our LAN we also use Cisco Umbrella to block sites.What I want to do is when GlobalProtect connects I want all LAN traffic going through the VPN traffic, and all Internet traffic from the client going through their end, not the VPNWhen I try and configure split tu...

PA-5050-Data plane showing high

Dear Team, Our Core firewall Data plane CPU reaching to 99% , When we checking the traffic logs some MS-SQL application getting high usage, and system logs are showing "dataplane under severe load palo alto". Pan os : 8.1.15-h3 ,Device : PA 5050. Kindly let us know any solutions for this. Reagrds,Vishnu.

VishnuPS by L3 Networker
  • 4743 Views
  • 6 replies
  • 0 Likes

Palo Alto Globalptotect intermitant PanGPS error 'network type is unknown network' that causes the HIP report to not be send every hour

Has someone seen an issue where the PanGPS log is saying "network type is unknown network" before failing to send the HIP report every hour? For info we don't use or have enabled Internal Host Detection as there no internal gateways and I see that there are no logs before that for DNS resolution, so the Globalprotect app does not try to trigger...

Resolved! IPSec VPN certificates

I’m very new to Palo Alto and testing things out on a home virtual lab on local computer. I’m trying to configure IPSec vpn between 2 sites using certificates. My problem is that when I export the certificate from PA-1, I cannot import it to PA-2 because I don’t know where FW-1 has saved it on the windows 10 pc being used to manage the firewal...

ldapjazz by L0 Member
  • 3824 Views
  • 2 replies
  • 0 Likes

Knowledge sharing: restarting palo alto processes , reboot , shutdown, factory default reset

In palo alto like any some things are fixed with an restart. 1. If the managment plane in the masterd log (for more about the Palo Alto logs and their meaning you can check https://live.paloaltonetworks.com/t5/general-topics/knowledge-sharing-palo-alto-general-logs-and-log-files-that-are/m-p/410110#M92552) you see there are issues with a process...

Storage V-Motion

Hello, Our Virtualization team Storage vmotioned all the VMs on a specific host and that included VM-Series Firewalls for NSX as well. Resulting that the firewalls pass 0 kbps of throughput and dropping all the packets. We were able to identify this by looking at the throughput of the firewall which was 0. Does anyone know why storage vmotion br...

ayazdani by L1 Bithead
  • 3120 Views
  • 2 replies
  • 0 Likes
  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks