This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4474 Views
  • 0 replies
  • 0 Likes

Resolved! Changing the panorama service route without causing a revert

I am running into a problem and looking for any ideas or experience that may provide a solution. I have a firewall that is managed by Panorama and the service route for panorama is set to ‘default’. I want to change this route to communicate to panorama over an IPSec tunnel. This change causes a revert and I guess this is probably expected beha...

Dataplane goes restarted

i have a paloalto 3220 model After plug the new SPF all the interface port goes down as well as dataplane goes restart.Once i unplug the SFP again dataplane goes restartsAll the interface are goes downHA Logs: 2021-01-27 16:28:07.512 +0500 debug: ha_sysd_general_vers_string(src/ha_sysd_version.c:1835): Got new Threat Content: 8369-6522; for pee...

Domain joined PCs and user logoff events?

Hi all, I was reading in some of the documentation for User-ID to see if we can improve our security a bit. Basically, I'm currently setting User-ID logs to no timeout with the assumption that a new user login will generate a new one and override the old one. We've been doing this because a number of users leave their computers locked instead ...

jsalmans by L4 Transporter
  • 3856 Views
  • 2 replies
  • 0 Likes

Resolved! Predefined Firewall Report Error - No matching data found

Hello, Has anyone come across problems generating the predefined report with the error " No matching data found" as per the below? I have tried rebooting the management server, I have also confirmed that the predefined reports are all enabled I also do not see any specific errors in the system logs relating to reports. I am open to any suggesti...

Sarc845_0-1608287289337.png
Sarc845 by L2 Linker
  • 8132 Views
  • 5 replies
  • 1 Likes

User-Id Mapping / Ignore user list

Hello,I am running into an issue with Global Protect users due to remoting into other machines with other credentials. I have read extensive articles about the issue and understand that the firewall can only map one user name to an IP. That appears to be exactly what is happening., A user logs in and has internal connectivity, then logs into an ...

APP-ID: Target app and Depends ON APPs over more then one Security Rule! YES or NOT?

Hi There, I didn't find a real answer for the question, if its nessessary to add "Depends On" Apps in the SAME security rule or is it also possible to add this in the security rules before? Example for specific app and all "Depends on" in have to be in the same security rule:https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000...

fhu_omi by L3 Networker
  • 7681 Views
  • 5 replies
  • 0 Likes

Zone Protection drops traffic

We have below settings for our untrust zone protection. We don't see a high CPS rate but we still see packets getting dropped, and has now started effecting us. Any guidance would be helpful.PANO9.0.11/5250

image.png
image.png
image.png
raji_toor by L4 Transporter
  • 8030 Views
  • 9 replies
  • 0 Likes

Unexpect single port disconnection from PA-220

My client's PA 220 cannot reach to his gateway. However, after he has reboot his PA, the connection is back, but only for few hours long! No matter how I have add the MAC address and troubshoot the problem of the system. I have checked both port on therouter and the port on the PA. I have added the MAC address on the ethernet port. I have even ...

Resolved! Cannot view config difference in Panorama

Hello, When I do a 'show config diff' from CLI in Panorama, all I get is something like:- outfile /opt/pancfg/session/pan/user_tmp/6822880318474071/opresult.out.10687;+ outfile /opt/pancfg/session/pan/user_tmp/6822880318474071/opresult.out.10688; Using 9.0.7 No change was made and I can view the config difference from the firewall and also...

Minemeld miner that accepts email addresses.

Hello Guys,Am new to mine-meld and trying to add a node/miner that can collect email addresses.I was able to find the Prototype aggregator "stdlib.aggregatorEmailAddress" but not the prototype Type=miner and indicator=email-addr.Could someone please suggest/guide me set the miner?Thanks,Vamshi.

LIVEcommunity account lost (or stolen?)

Hi everybody! Today I logged into my LIVEcommunity account as usual, but my profile has gone. It seems that I got a brand new account, while the original one is not accessible. This is my original profile: https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/61214 Now my profile appears to be this: https://live.paloaltonetworks.com/...

grenzi by L0 Member
  • 4245 Views
  • 3 replies
  • 0 Likes

Resolved! User Group Count exceeds threshold - PANORAMA

Hi Folks, looking for advice on an alert which is bugging me. Our Panorama instance regularly (2 per hour) reports that:Panorama - SYSTEM ALERT : high : User Group count of 12080 exceeds threshold of 10000 Now this is correct - as it comes from two (soon to be four) firewalls plumbed into LDAP/AD:admin@Panorama> show user group list device-gr...

GN_ROS by L1 Bithead
  • 8053 Views
  • 8 replies
  • 0 Likes

Resolved! GP disconnect intermittely

Hi All, The users are able to connect and work for sometime and then traffic flow stops; although Global Protect Agent shows that VPN is connected.The user have to disconnect and reconnect again, then it will work for sometime and stops again. This intermittent issue can occur in 10 min, or 30 min or 1 hour or more, there is no definite time. In...

  • 24380 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks