This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4246 Views
  • 0 replies
  • 0 Likes

Global protect for android phones using proxy

Could you please confirm if proxy is supported on the Android GP App. Our end users are using proxies on mobile devices including iOS, Chromebooks, and Android. It appears that only the GP clients on Android are having issues connecting. The GP client reports that there is no internet connection. This used to work 1-2 weeks ago(on old GP version...

High amount of traffic to exchange server

We are seeing a high amount of traffic coming from outside public IPs to our exchange server. It's more than 2GB and sometimes more than 4GB of traffic. Initially, we blocked these IPs in firewall policy but every time after blocking the IPs, some more new public IPs keep coming with high traffic. We are suspecting maybe it's some kind of attack...

Both the Vm Firewall was in active state

Hi Team , We have 2 Vm firewalls both the vm firewall are in Ha and in active and passive. The passive firewall base license and all the license have expired one week ago. The ha1 and ha2 link was showing and both the VM firewall was in active-active state.Both the firewalls were in active state.Can you please let me know why both the vm firewal...

Resolved! PA UID LAB not working correctly

Hi Everyone, I am currently having issues trying to get UID to work on Eve-NG using PANOS 9.0.4, it is a only a EVAL license but everything is working except for UID.I have followed agentless guide to setup and AD server is connected to the PA as per the "User Mapping" tab.Policy is setup correctly, however as soon as I add "Domain Users" as the...

Vimz888 by L1 Bithead
  • 6135 Views
  • 4 replies
  • 0 Likes

SDWAN and Tunnel Monitor config

Hi All, I'm trying to get my head around SD-WAN and tunnel monitoring, specifically SD-WAN AutoVPN creates Tunnels with tunnel monitor turned on with a destination IP of the other side of the tunnel and the Tunnel Monitor profile set to sdwan-default. If I then look in Network Profiles -> Monitor see sdwan-default configured with an action o...

KevinJB by L1 Bithead
  • 5023 Views
  • 1 replies
  • 0 Likes

Retro-fitting standard SD-WAN into existing firewalls

I want to deploy hub-spoke SD-WAN into my existing routers, but it says you must do it through Panorama. It then wants me to create a template, add the router, interface, etc. and basically define everything to do with SD-WAN in Panorama. The problem is I have a fully functional set of firewalls with live traffic, BGP, etc. and if I force temp...

Advertising default route in OSPF Totally Stubby Area

Hello, I've setup an OSPF Stub area with the below options on the ABR: - Accept Summary [ unchecked ]- Advertise Default Route [ checked ] However if I look at other neighbors in the area they are not received a default route pointing to the ABR. Is there something I'm missing here or not understanding? I've set it up as a TSA according to the d...

NobleNOC by L0 Member
  • 3651 Views
  • 1 replies
  • 0 Likes

Device groups out of sync for multiple firewalls

After importing a new firewall into Panorama all of the other firewalls are now showing out of sync. I believe it's because the box was checked that says "import devices shared objects into panoramas shared object context". When I tried to push to devices, it fails on all the devices. It's unable to parse the policies. It's saying an object is m...

Slade34 by L0 Member
  • 2538 Views
  • 1 replies
  • 0 Likes

SYSTEM ALERT : high : Not enough space to load conent to SHM after upgrading PA820 to PanOS 10.0.3

Dear all. I upgraded last night to PanOS 10.0.3 and this morning I'm getting error messages from the firewall: SYSTEM ALERT : high : Not enough space to load conent to SHM admin@xxx> show system disk-spaceFilesystem Size Used Avail Use% Mounted on/dev/root 9.5G 2.7G 6.4G 30% /none 2.0G 68K 2.0G 1% /dev/dev/sda5 19G 4.1G 14G 23% /opt/pancfg/de...

Tunnel interface show "Red"

Hi,As iam facing the issue with Passive firewall as interface status show "Red" Moreover Tunnel monitoring is already disable still it's show red. As on the active firewall the it's show green,Can you please advise.

Joshan_Lakhani_0-1616928688768.png

User-id redistribution not working

I have user-id successfully configured on a fw, and i am trying to redistribute these mappings to panorama We are using the integrated Panos agent, i have created the the user-id collector name/pre-shared key on redistribution tab of the User-id Agent Setup; and configured those credentials on the Panorama's User-ID agents tab, via port 5007 B...

Will DoS Protection Block IP or Block Service of IP when Max Rate Threshold is Exceeded?

For the following scenario, will DoS block destination IP or block service of the destination IP? If a DoS protection policy include destination IP and Services to protect an internet facing server, for example source any destination 1.1.1.1 service UDP port 80, then action protection, address destination-ip-only and a DoS security profile whic...

Shiling by L0 Member
  • 3285 Views
  • 1 replies
  • 0 Likes

Resolved! API call to panorama how to register DAG?

When registering IP's to Tags on panorama, do you have to specify a target or device-group or serial number in your call? How does that match/registration actually occur? Do you have to specify a "location device-group" in the call? <uid-message><version>2.0</version><type>update</type><payload><regist...

Sec101 by L4 Transporter
  • 5664 Views
  • 5 replies
  • 0 Likes

What is "'service':Off" in chassis.leds on PAN-OS 9.1?

Hi,I found out a new item in 'chassis.leds' on PAN-OS 9.1.There is not shown on PAN-OS 8.1.Anyone know what does it mean 'service':Off ?- v8.1>show system state filter chassis.ledsChassis.leds:{'alarm':Off, 'fans':Off, 'ha':Off, 'log':Off, 'status':Green, 'temp':Green, }- v9.1>show system state filter chassis.ledsChassis.leds:{'alarm':Off,...

Mt_103 by L2 Linker
  • 2278 Views
  • 1 replies
  • 0 Likes
  • 24359 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks