This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4118 Views
  • 0 replies
  • 0 Likes

Impact to active sessions when we change a firewall NAT policy

We are going to change a source and destination NAT policy. Assuming the related security policies are in place for both the before and after change connections, are we going to see impacts to those sessions that have been active before the NAT change? For example, the NAT is to change connection source and destination from (10.1.1.1 to 10.11.1...

skuo2020 by L1 Bithead
  • 3599 Views
  • 2 replies
  • 0 Likes

Why traffic log shows that traffic match allow policy but the result was reset by default deny policy?

Does anyone have following experience and could give me some idea to fix this issue? Thanks a lot ~ I found sometimes the traffic log shows that traffic match allow policy but the result was reset by default deny policy. For example: I have a policy for allow some users to access TCP 58975.I checked traffic log and I found traffic be reset by in...

圖片1.png
圖片2.png
圖片3.png
neilwu by L2 Linker
  • 2692 Views
  • 1 replies
  • 0 Likes

Unable to access the https://panwdbl.appspot.com

Hi All, Today we have a PA Firewall and MineMeld unable to access the https://panwdbl.appspot.com is this down or decommissioned. Tried going to this URL and I get a 404 error? Has this page moved and I missed a notification, down for good or just an outage? Obviously impacts some of the EDL. Regards James Chim

http://panwdbl.appspot.com - Not Working

Do you make use of the EDLs available here? If you do you may have noticed they've disappeared, Google says the page doesn't exist. You may want to look for alternatives if you're using these lists. Jason

ethiSEC by L2 Linker
  • 6404 Views
  • 3 replies
  • 2 Likes

PBF for Guest Network

Hello, I'm trying to route all GUEST traffic on a PA firewall to ISP-2. I understand you can use PBF on the PA firewall to route based on source address. I don't have a lot of experience with PBF and have encountered a few issues when trying to implement this. Some questions I have1). Do I need a 2nd VR to do this? 2). Do I need 2 new security ...

jocisneros_coe_1-1614805195327.png

Resolved! Application dependency Warning

Hello, We implemented the blocking policy for the custom URL categories however now once committed we receive commit warning like the following: Application 'dropbox-base' requires 'web-browsing' be allowed, but 'web-browsing' is denied in Rule 'outbound-advertisement-block'Application 'google-drive-web' requires 'google-base' be allowed, but 'g...

Farzana by L4 Transporter
  • 8438 Views
  • 6 replies
  • 0 Likes

BGP show Local RIB before Import filters

Hello, After applying Import filters in BGP the Local RIB is reduced to a filtered set of routes advertised by peers. However it seems to be impossible to see what the original set of advertised routes is. The peers are still advertising these routes, but there seem to be no methods in the GUI or CLI (show routing, debug routing ...) to see thos...

Resolved! Panwdbl.appspot.com unaccessible

Hi All, Looked at my nodes today and it looks like https://panwdbl.appspot.com is down or decommissioned. Tried going to this URL and I get a 404 error? Has this page moved and I missed a notification, down for good or just an outage? Obviously impacts some of the DBLs I have. Regards Adrian

a.jones by L3 Networker
  • 18636 Views
  • 8 replies
  • 0 Likes

Failed to setup Local log collector on Panorama VM

Hi community, I want to setup new panorama VM to replace old panorama M-100 and accept new devices.I have deployed a vm on ESX with one disk of 81Gb and second disk of 2Tb.Panorama running version 8.1.13,you can see partial output of show system info to understand system mode and ressources allowed to VM.**********system-mode is panoramaoperatio...

vmplayer_ih9AGwttKU.png

Mac OS Big Sur support

I have accidentally upgraded to Mac OS Big Sur, since then Global Protect app is not able to connect to VPN. Should I expect Global Protect to work on Big Sur already? Or is it on the way? Thanks

Resolved! Meraki and Palo side by side with Palo using BGP

We currently have this setup in our datacenter. The Meraki HA pair is the VPN endpoint for our 120+ remote sites. In a DR situation the datacenter has IP mobility, where our current static IPs will failover. This setup uses BGP through the Palo. With BGP enabled on the Palo HA Pair and datacenter’s internet the Meraki HA pair is inaccessible, wh...

setup.jpg
Screenshot 2021-03-02 132554.jpg

Resolved! *Urgent* SSH Protocol Version 1

Hi Peeps,I got technical query regarding how to change SSH v1 to SSH v2 in PA firewall, Because one of our customer got an alert from VAPT tool like as follows,. Description :- KPMG test team observed that the Secure Shell protocol version 1 support was enabled on the tested devices.Secure Shell is typically used as a cryptographically secure ...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks