This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

DDNS over PPPOE

I would like to know some details about DDNS over pppoe. That feature was not available in 9.1.x series below is the document i chedked. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/networking/dynamic-dns-overview.html However, when I check the same docs in 10.0.x series that is available. https://docs.paloaltonetworks.com/pan-os...

Jafar_Hussain_0-1615877557334.jpeg
Jafar_Hussain_1-1615877557336.jpeg

Jitter when making Phone calls

Hi ExpertsThe client is reporting Latency/Jitter when making the phone calls which is traversing through the PA firewalls 5220. We've QOS policy configured for the RTP/SIP applications (User/Zone is set to 'any') with Class 1(real-time) . Also, we've configured a Guaranteed Egress of 5000Mbps for this Class1 traffic under QOS profile which is ap...

Upgrade/Move from Panorama Legacy mode to Panorama mode

Hi,Currently Panorama is in Legacy mode, there 5 devices connected to it, 2 in 2 data centres, one at an office. Templates are configured and synced across devices including device specific templates (like configs and other device management configs). However due to the logging limitations we need to change to Panorama mode. The other temporary ...

M500 Disk Pair Raid status changes between active and clean

If I execute the command 'show system raid detail' on my m500 log servers I see the status of the disk pair toggling between active and clean. I am wondering why it would doe this. Is this normal? admin@LOG01> show system raid detailDisk Pair A AvailableStatus activeDisk id A1 Presentmodel : ST2000NX0253size : 1907729 MBstatus : active syncDi...

How are 'Bytes' counted in ACC and traffic logs?

Hi All,One of our customers has blocked the 'Music' category in URL Filtering but when we filter the 'Music' Category in ACC, it shows total bytes for the last 7 days as 5 GB. So what do bytes really represent? Why does it show 5 GB when the category is blocked? Please explain this in detail.Regards,Hiren

How to Renew Certificates for GlobalProtect Devices

Hi all, I want to renew the expiration date of the certificates for my globalprotect devices. The firewall is the CA that issued the certificates. My question is whether I have to export and import the certificates after renewing them by following the steps on this article: https://www.paloaltonetworks.com/documentation/61/pan-os/pan-os/cer...

Carracido by L4 Transporter
  • 29045 Views
  • 7 replies
  • 2 Likes

Palo Alto appliance SSL-VPN throughput

Hi all, I searched all the documents available for Palo 5220 (performance datasheet, PANOS admin guide etc) but i cannot seem to find anywhere specified the SSL-VPN throughput...only the maximum number of SSL-VPN tunnels. Is there anyway or maybe a document where I can find this parameter? I need this for writing a technical proposal to a client...

livliv by L0 Member
  • 3609 Views
  • 1 replies
  • 0 Likes

Resolved! Cannot install Machine Certificate for GP Pre-logon

I encountered a problem installing the machine certificate.I followed the article below:https://live.paloaltonetworks.com/t5/news/globalprotect-pre-logon-authentication/ta-p/322237 We are using a self-signed root ca that is in the cert profile for auth, then generated the server cert and machine cert and signed them with the same root. Then expo...

ERROR.png
CERT.jpg

Connect 2 Aruba Controllers to PA-220

We have two Aruba wireless controllers in a master / secondary configuration. Each one has a trunk port which contains about a dozen VLANs with our guest wireless traffic. The VLANs are arbitrarily assigned to the trunk ports by the controllers and can change depending on network conditions (from what I understand). The PA-220 is the gateway ...

radius user group

Hello! I'm studying the PCNSA, may I ask you a question about a security policy?The "it" group in that policy could be a Radius group imported on the FW?Or could be a way to map users to group? PS:it would be very useful if Palo Alto offered a free VM lab to test which we are learning, anyone know if it's already been provided? Many thanksAle

group palo alto.png

Resolved! Transport of Decrypt Port Mirror traffic to a remote Switch/Server

We've been trying to redirect the decrypted port mirror traffic to a remote sever in the network.If we plug a notebook into the decrytp port mirror of Palo Alto, we see all the decrypted traffic in Wireshark.So, we tried to connect PA port into a switch and use Cisco RSPAN to send the traffic to our remote Server. It just doesn't work.I may be f...

Resolved! What's The Difference Between Interface VLANs Tab and VLANS Section In Sidebar? (PA-220)

Hi all, I'm confused as to what the difference is between the "VLAN" tab under "Interfaces" in "Network and the "VLANs" section in the sidebar in "Network"? My goal is to create a couple of different VLANs for a network where certain traffic has to be segmented from other traffic. All of my ports are operating on L3. Thanks!

Resolved! Query on clientless VPN

We are told that the clientless apps only works with HTTP/HTTPS based apps, and therefore we cannot use it to allow MS remote desktop. This is the problem I am trying to solve. Our users currently use their own computers at home. They connect to the corporate network using Global Protect, but of course this could be a security risk if one of th...

NEED TO CREATE NEW VYSYS ON FIREWALL MANAGED BY PANORAMA

Hi Team, I am planning to create new vysys on firewall which already managed by panorama. In this case if i enable it from panorama and push the configurations to local firewall will create automatic device group and templet will be crated are do i need to create it manually. Please help me here @Bpray

saifulla by L0 Member
  • 2626 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks