This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4120 Views
  • 0 replies
  • 0 Likes

Resolved! Due to Open SSH Denial of Service vulnerability firewall dropping random connections

Hi Guys, Large number of connection attempts made which is normal as per the server team but firewall is considering it vulnerability and dropping the random connection to the server. After getting 3 to 4 successful execution in the same session it getting failed. error msg :org.apache.commons.vfs2.FileSystemException: Could not connect to SFTP ...

gasin1 by L1 Bithead
  • 4731 Views
  • 3 replies
  • 0 Likes

Failover in NAT

We have a configuration to balance two NAT destinations, in the Translated Address we have a group with the two IP destinationWe need to performing a failover if NAT # 1 192.168.251.21 stops working, passing to NAT # 2 192.168.251.22.When the IP # 1 is turned off, so that it sends the traffic to IP # 2, it is still trying to go out on IP # 1Is t...

RodrigoB by L0 Member
  • 3015 Views
  • 2 replies
  • 0 Likes

Resolved! Does Paloalto Firewall support autoconfig for IPv6 interface

In my environment, I have 1 ADSL router supply IPv6 prefix, It working well with my IPv6 laptop and can go through internet using prefix from router + generated interface id. Does Paloalto support autoconfig for IPv6 interface? I need it because my router random change global prefix.

Resolved! Panorama > Policies > Security > Post Rules > Zone field has a red background

Hi thereWhy does the zone in the screenshot appear with a red background?It is the same when browsing direct to the FW itself.There is an interface in the zone with a subinterface.Both main and subint are up.IP address configured on the subintThe interface which is a member of the zone is shown below:Any replies much appreciated

2021-03-24 15h15m53 Zone Red backgroud.png
2021-03-24 15h20m21-StdF Interface setup.png

Resolved! March Madness 2021

Have any new application signatures been released for March Madness 2021? I'm able to find the historical ones but have not seen any for 2021 yet.

bmeyer by L0 Member
  • 3531 Views
  • 2 replies
  • 2 Likes

Resolved! Meraki to PAN Conversion?

Does anyone have any thoughts on doing an export/conversion from Meraki to PAN? There doesn't seem to be a direct conversion process so any help would be appreciated, I'd rather not completely build out the PAN if I don't have to.

Resolved! SSL Decryption Question PANOS9

Hi, i have one short question about PANOS 9 and 10 ssl decryption.We use ssl decryption on all PAs for many years.Is the rule 77 obsolet after upgrade to PANOS 9 /10??The rule was a must have for ssl decryption working on PANOS 7. Best regards,Chris

HW-ChrisME_1-1616593171357.png

Resolved! FW routing packets to internet vs internal

I have a weird issue with a LAB interface/zone that when packets to a cloud IP that is reachable via the core it routes it to the internet vs the core. All other traffic is routed correctly but not this and I can't seem to figure out why. 10.100.2.1 is my core, 10.100.99.1 is the lab interface on the PAN which is part of VR1 (only virtual rou...

drewdown by L4 Transporter
  • 2366 Views
  • 1 replies
  • 0 Likes

Revert Pan local interface object back to Panorama

Hi All, I follow this KB by remove static route to particular interface from virtual router but https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PLIxCAO I face another issue is the set vsys vsys3import network interface [ ae3.1111 ae3.1112 ae3.1113 ] example I tried to delete vsys vsys3import network interface ae3.1111,...

Kiizai by L0 Member
  • 2151 Views
  • 1 replies
  • 0 Likes

PAN-GPS POWER SHELL

Hello,I have the below query, can someone explain this.While reviewing PowerShell command execution we encountered a scenario where PANGPS.exe file in the program files Palo alto installation folder was generating PowerShell commands. i want to understand the purpose of the execution of the PowerShell command along with the validity. Also we wan...

Resolved! Compatibility SFP for PA-5250

Hello,Can you help me? I have an Avago AFBR-709SMZ SFP, in the documentation it says that it has withdrawn from the AVL. So, can I use them and it would not have problems in their operation? https://live.paloaltonetworks.com/t5/operations-documentation/updated-on-02-09-2021-document-810-000096-00s-ref-transceiver/ta-p/227987?attachment-id=9477

Resolved! Subscribe to Newsletter and CIRT

Hello All, Hope you are all well and safe. I'm looking for a way to register to the PA Newsletter and CIRT Notifcations as to be aware of any security threat or a CVE related to PA Devices as to keep my customers devices up-to-date, and their network secure. Can someone guide me on how to do this?

Unable to block https from untrust zone

Hi guys, I have a query were im not able to block https traffic for a specific domains subdomain to be blocked. Where i have created a url catagory and mapped it with url filtering and called that in a security policy.But as i see that the http is getting blocked as a descriptive value as threat and the https is getting allowed for the same set ...

Autofocus and minemeld

Hello, I don't understand what the Autofocus service is doing. What is the goal ? It provides the list of attacks present in a corporate network? How do you connect the firewall and the Autofocus service? I also do not understand what the Minemeld service is doing? It provides the indicators, for example: the number of attacks suffered by a c...

Sarou22 by L2 Linker
  • 2195 Views
  • 1 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks