This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4220 Views
  • 0 replies
  • 0 Likes

Resolved! [API] - User-ID

Hello Guys, Sorry if the location is incorrect. I was looking for a location regarding API. I'm trying to set up an user with his IP through API. This is for a lab. I did follow this page: https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-panorama-api/pan-os-xml-api-request-types/apply-user-id-mapping-and-populate-dynamic-address-groups...

Resolved! Issues with Pre-Defined Decryption Exclusion

Hello, I'm trying to figure out any reasons that the decryption exclusion would not be working. As the traffic is being denied: What could I be doing wrong in my config to have this exception not work?

CPATT_0-1747149300179.png
CPATT_2-1747149664690.png
CPATT by L1 Bithead
  • 2725 Views
  • 5 replies
  • 0 Likes

HA session sync too slow?

I've recently migrated to a pair of active/active HA firewalls and am seeing some DNS return traffic dropped. Checking the logs, I can see that traffic is returned via another firewall as the DNS request was received. No problem, as normally the HA session sync is fast enough for the other firewall to have the session.However, the DNS servers re...

dmgeurts by L2 Linker
  • 1747 Views
  • 3 replies
  • 0 Likes

Firewall Configuration via API

I have enquiries regarding the API on PA firewall. I would like to know whether I can enable User-ID in zone, adding server in Server Monitoring and adding Syslog Parse Profile via API or not? Are those actions supporting configuration via API?

Person Vue exam error

Hi, for the last week I tried to the Palo Alto SSE and the PCNSE and I get an error (see attachment). does anybody knows about problem with PersonVue exams online? thanks

m.Zrihen by L1 Bithead
  • 1820 Views
  • 5 replies
  • 0 Likes

PrismaAccess: Maximum limit for tunnel settings in the GlobalProtect app

HelloI would like to know the upper limits for tunnel settings in the GlobalProtect app in PrismaAccess.① Upper limit for tunnel settings profiles② Upper limit for IP address matches③ Upper limit for routes to exclude The background is that we plan to use GP with PrismaAccess at 30 companies with over 100 locations, and we would like to route as...

H.Tsuboi by L0 Member
  • 1636 Views
  • 1 replies
  • 0 Likes

Issues with PAN-OS 10.2 Upgrade – Missing Configuration After Update

Hello everyone, I recently performed an upgrade from PAN-OS 10.1 to 10.2 on our firewall, and we’ve noticed that some of the previous configuration settings seem to have disappeared post-upgrade. Specifically, some custom address groups and security policies are missing, while others remain intact. Has anyone encountered this issue with PAN-OS u...

Panorama not pushing network template changes to devices

Hello, I am very new to Palo Alto FWS so please be gentle 🙂 I have been asked to setup two new PA3060 firewalls to be centrally managed by a Panorama server. Both the Panorama and Firewalls are running v8.0.5. I have successfully followed the PA instructions to import the firewalls and configs into the Panorama. However, if I create say a new...

gc227s by L1 Bithead
  • 22649 Views
  • 8 replies
  • 0 Likes

Resolved! VM series firewalls and interfaces

Howdy all I have deployed 2 VM series firewalls in VMware workstation pro but I can't get their dataplane interfaces to ping each other. I'm sure this has to do with how to configure the network adapters. I have no issues accessing the GUIs/ Management interfaces and they can ping each other as these interfaces are bridged in Vmware workstation...

Resolved! Active-Passive pair takes long to show the status when one is rebooted.

Folks,Our Active-Passive pair takes too long to show the status(i.e. active or passive) when one of the firewall is rebooted. i.e. as of now things are running fine, but if I reboot the passive firewall it will take a very long time to once again come up as passive. It goes through the "not ready" and "initial" stages before getting in the "pass...

nson2139 by L3 Networker
  • 13896 Views
  • 10 replies
  • 0 Likes

Global Protect lose internal resources access

Hello everyone, I hope you can help us. We have some users who are connected to global protect, but from time to time, they lose access to the internal resources. When this happens, they have to update the connection in the GP client to be able to access, and when they do this it works, they can access the internal resources. Has this happened t...

Outbound SQL traffic (possibly) hitting a zone protection profile

We have a process that sends MSSQL (1433/tcp) to a cloud service that occasionally just stops working - so trust to untrust. It is mostly on 'larger' data transmissions. Turned off all the flood protection in the zone protection profile on the outside interface, and there is no issue. Can I see where that is being triggered? Any thoughts on chan...

4.0.8 Object Name Change Not Updated In Policy

I used to be able to make changes to objects (address/groups/application groups) ect. But now when I made the change I have to go through my policies and NATs and update them manually. Any ideas? Is there an update object option that I'm not aware of?

Resolved! Template vs Device Group

Hello All - I am fundamentally not understanding the difference between Template and Device Group. Using teamplate i can push a policy to multiple Firewalls. Looks Device Group also does the same thing. What is the difference, and use case. When to use template and on what scenario i have to use Device Group? Thanks RB

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks