This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4107 Views
  • 0 replies
  • 0 Likes

Not able to login to Production Firewall

Hi have HA 32XX Series production firewall 9.0.5 version, I was doing password comlexity comit and after that i am not able to login via GUI/SSH/Consle and showing invalid password. I opened TAC and they suggested to revert configuration via maintainance mode , To minimize the risk i rebooted the passive pair and i am not able to find configurat...

Resolved! Deactivate Licenses from Customer Portal

Good morning, How do we remove the expired licenses from the Customer Portal? I have 'trial' licenses that I have removed from the actual FW (delete license key <key file>) via the CLI, and that works fine. However, if you 'refresh' the licenses on that FW, those expired licenses come right back, as they are still listed in the Customer ...

Resolved! Impact of this command?

Can anyone explain what the impact to the firewall of running this command would be: delete license key <logging_service_key> Would it prevent it from working suddenly, would it just be for the logging service and then it would have to refetch the key? Thanks!

CDL Syntax Query.

From what I can tell, CDLs syntax is extremely limited compared to that of Panorama. Does anyone think differently? Any tips/tricks you can share for more in depth queries? For example:excluding multiple IP ranges;limiting the search one user, but including multiple apps/destinations with an OR. Essentially anything you would use parenthesis for...

PA-3020 - SYSTEM ALERT : critical : Disk usage for / exceeds limit, 95 percent in use

Hi Team, We are frequently experiencing Disk Usage exceeds limit alerts for PA-3020. s/w version: 9.0.11 Please find our findings below, Disk Space==============================Filesystem Size Used Avail Use% Mounted on/dev/root 3.8G 3.3G 348M 91% /none 1.9G 64K 1.9G 1% /dev/dev/sda5 7.6G 4.6G 2.6G 64% /opt/pancfg/dev/sda6 3.8G 1.6G 2.1G 44% /op...

VishnuPS by L3 Networker
  • 4765 Views
  • 2 replies
  • 0 Likes

Security Policy is passing the service which is not configured in policy.

We have created a VPN to Trust rule for just FTP and SSH Service for server in which we have Allowed only those services with application any. But the some of the traffic is passing with the some random service port with the same rule with application ftp which is not mention in security policy. Any Idea why is this happening.

Screenshot (501)_LI.jpg
Screenshot (502)_LI.jpg
MPESDC by L0 Member
  • 2699 Views
  • 3 replies
  • 0 Likes

VM-200 log disk resizing

Hi,Can we know if the following is possible with Palo Alto? 1.Resize the Log drive on a functional Palo VM without losing all contentWe’ve always had a secondary larger log drive when these were built – not big enough mind you.i.e. an offline resize with something like GParted instead of deleting the existing log drive and recreating a bigger lo...

Is is a bug on PAN OS 10.0.6?

Hello there I have recently update to PAN OS 10.0.6 and after that I realized in the Email Scheduler>Overide Email Address, if i have more than two, only the 1st one will be send and second one as CCed. all the other email address got dropped. I have tried to create a new scheduler but it is the same thing. Has anyone else got the same issue...

EdwardXu by L0 Member
  • 2282 Views
  • 2 replies
  • 0 Likes

I am trying to get my firewall on the network for the first time.

So far I cant ping the firewall from the network and I can't ping the gateway or any pcs from the firewall. I have checked the arp table and I don't see any mac addresses there, so now I am starting to get concerned about the viability of this firewall. However my experience with paloalto firewalls started with this device. However my network...

Alleria by L1 Bithead
  • 14154 Views
  • 16 replies
  • 0 Likes

Global Protect does not connect after computer installation

Hi community During the still ongoing pandemic, this issue is a little painful... We use sccm to install windows and additional software to computers. One of this additional software is global protect. The intention was to install the computer in the office by the client team and then send the device to the employees. With Pre-Logon actually i...

Remo by L7 Applicator
  • 5701 Views
  • 4 replies
  • 2 Likes

PA HA - "ping timeout & "No buffer space issue"

Hi, There are some error logs showing on output of "less mp-log ha_agent.log" in PA cli. Just want to understand what can be the root cause of the error logs. Presently was are not using mgmt interface as HA1 backup, not sure why below error log is coming:"2021-05-17 23:10:11.338 +0400 Error: ha_ping_peer_miss(src/ha_ping.c:756): Missed 1 ping ...

preetpk by L2 Linker
  • 5074 Views
  • 4 replies
  • 0 Likes

Palo decrypt error unsupported

Hi, We are receiving decrypt error in our ssl inspection traffic ++++As Per the below logs Server is using an unsupported EC curve x25519. Correct the server configuration to use a curve that the firewall supports.++++2021-03-17 06:59:01.789 +0100 Error: pan_tls_ec_curve_id_2nid(pan_ec_common.c:66): unsupported ec curve_id 29<<<<<...

BigPalo by L4 Transporter
  • 4068 Views
  • 2 replies
  • 0 Likes

Global Protect 4.0.2 -19 cannot connect to Portal

Hello everybody, we are facing a big problem regarding the GlobalProtect Client.Problem is that some Users can connect via GlobalProtect but some can not.Setting up a new User Profile fixes the Problem but that is not a solution.We are struggeling to find the cause inside the User Profiles which causes this behavior. If any of you have a suggest...

husetech by L2 Linker
  • 14562 Views
  • 11 replies
  • 0 Likes

Consolidating or aggregating IP addresses in Processor

Apologies if this question has been asked before, I searched the board but couldn't see anything that stood out I'm consuming the SANS/IRC list of IP addresses attributed to Internet Security Researchers, in an attempt to cut-down on false-positive threat alerts in customer networks. The Miner I wrote works fine, and pulls down about ~6700 IP ...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks