This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4114 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama Management Server Upgrade Suggested Path

Greetings,We are looking for suggestions/thoughts for our next upgrade to our PAN management server - we are running PAN 8.1.13 on a Model M-600. We are looking to go to 9.x - not sure whether 9.0 or 9.1 at this point. Probably will be decided based on the feedback we get from this post. So bottom line: - Which version would you recommend? Sho...

terryc by L1 Bithead
  • 3503 Views
  • 2 replies
  • 0 Likes

Panorama Report Date Picker

Hi All, Is there a setting that I am missing in Panorama for the retention of the reports created in the reports tab under monitor ?On Panorama for any default or scheduled report I only have the ability to go back 7 days:This goes for any scheduled custom report or the pre-defined reports.Panorama:However on the firewall its self I have months ...

Marc_T_0-1617781192581.png
Marc_T_1-1617781268651.png
Marc_T by L2 Linker
  • 3420 Views
  • 3 replies
  • 0 Likes

PA-820 Time Reverts to 2000

I have PA 820s deployed at remote sites with IPSec tunnels configured on them. When a power outage happens, either through a requested shutdown or not, the time resets back to Jan 1, 2000 on some of them and the initial commit fails. This causes the device to only be accessible via the mgmt interface. When looking at the logs, the reason the com...

Security Policies in Firewall

How to troubleshoot when we get sessions end reasons: Tcp-rst-ServerTcp-rst- client Tcp-fin n/aAged out I know what all these but I don't know how to troubleshoot the issue and don't know where to start troubleshoot Can someone help on this.

Using Rest API to delete an AWS Monitoring Definition in Panorama

I am trying to automate the addition/deletion of AWS Monitoring Definitions for the AWS Plug in for Panorama. I am able to add Monitoring Definitions using the following in Postman: https://{{panorama}}/api?key={{key}}&type=config&action=set&xpath=/config/devices/entry[@name='localhost.localdomain']/plugins/aws/monitoring-definiti...

SSL Decryption - Forward Trust Certificate option not available

Hello I try to configure the ssl decryption on my cluster of PA-220. I have an internal PKI based on Microsoft solution. On the first node, I'm able to generate the request, the csr has been validated by the PKI server and I'm able to export from the PKI the certificate (base-64 encoded). I'm able to import the certificat in my PA-220 device wi...

GP Authentication issues with Symantec VIP

Hi,We are running Palo Alto Global Protect with Symantec VIP MFA. We have run this for quite some time now and it has been stable until recently.We are seeing random errors appearing on one of the validation servers. It seems Palo is sending the request but Symantec is dropping it. A restart of the validation service on VIP EG fix the issue temp...

Firewall requests.png

Resolved! GlobalProtect Client Startup Windows 10

GlobalProtect Version 4.1.0-98PAN OS 8.0.10Login mode: on-demand Hi there, we've roll-out the GP-Software on everyone's PCs. Everytime a Windows (10) Client is rebooting the "GlobalProtect" pop-up Gui is showing up. Is there a way to stop loading the "GlobalProtect" pop-up Gui after rebooting Windows? Thank you.

Hodor by L1 Bithead
  • 69464 Views
  • 14 replies
  • 0 Likes

Newbie Question

Guys, I want to apologize in advance. I just haven't been able to find any information on this topic. I have our first brand new PAN firewall and I'm configuring it for use in a remote datacenter where we rent space and we will connect via site-to-site VPN. I got into the FW via the management port and I like the interface. I'm setting up th...

Resolved! File blocking for allowing specific file type to be download.

Hi guys, I have query regarding fileblocking where i just want to allow certain type of file to be downloaded and uploaded for specific file type. So for example. im allowing exe extension for microsoft.com and i provided the option to alert. And when i first made a request for the webpage it works as expected. But when i tried request for diffe...

OSPF route learning with Active/Active HA setup

I have an Palo Alto A/A HA configuration, each member with their own independent virtual router. The HA firewalls build an IPSEC tunnel to a branch Palo Alto firewall and have OSPF configured to advertise the HA firewall routes to the branch firewall, and the branch firewall to advertise it's local connected routes back to the HA firewalls. All ...

TomKisiel_0-1605971273887.png
TomKisiel_1-1605971683294.png

Resolved! Commit Error

While committing the policy we are getting the below error. Error reading signature DFA datafailed to handle CONFIG_UPDATE_START

SenthilM by L0 Member
  • 6996 Views
  • 4 replies
  • 0 Likes

Qos profile max bandwidth setting does not match qos interface statistics.

Hello Everyone, I have a question about qos and wana to confirm. I creat a qos profile and set maximum bandwidth 0.2 Mbps, after then apply it to network Interface that I want to qos. However, after finishing submit commit, I click the statistics of this interface, I see the class 2 “Maximum Egress(Mbps)” shown 0.78. I also do the same setting o...

  • 24333 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks