This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4132 Views
  • 0 replies
  • 0 Likes

Kafka is using port tcp 9093 for private communication

I see Kafka streaming is using port 9093 but in the PA 5220 does not identify it as kafka (unknown TCP). the app-id DB is showing kafka with tcp port 9092. is there a way for PA to append it to kafka app ID ? I already added as a custom app but i think i am missing something since i still see it as a unknown tcp.

Resolved! Ubuntu connected with PA firewall (AWS instance) trusted network can't ping untrusted network

My PA-VM is AWS EC2 instance using software version 10.0.2. 10.20.10/24 is VPC's public subnet, 10.20.61/24 is VPC's private subnet. Ubuntu10.20.61.81 can ping 10.20.61.61, but can't ping 10.20.10.0/24 network. Ubuntu 10.60.0.100 can ping 10.20.61.61, but can't ping 10.20.61.81. I have allow 10.60.0.0/24 in the ubuntu10_20_61_81 Security Group.W...

Susan_Avxt_1-1608101823548.png

Panorama backup query

Hi Team Currently we have two Palo Alto Firewall & one "Panorama" but we are getting only Panorama backup. we want to confirmation whether Panorama having only panorama devices backup( Excluding Palo alto Firewall ) or its having including Palo alto Firewall. RegardsMohammed

Resolved! Using Python to perform a Commit/Commit-all on Panorama

I am trying to use a Python AWS Lamdba function to commit/commit-all changes after the lambda function has made the appropriate updates to the Panorama. My problem is that the commit-all API call happens too soon after the commit API call and the commit-all does not have any committed changes to process. How can I wait for the commit job to com...

Resolved! Remove devices form the customer portal

Hi there, We have several older model devices that we no longer use in production so I wanted to remove them from the customer portal. I don't see an obvious way to do this so I wanted to put the question out there. How do I/ can I even, remove devices from the customer portal?

Jamesy by L2 Linker
  • 7157 Views
  • 3 replies
  • 0 Likes

INFO gave up: minemeld-engine entered FATAL state

Hi,I am using ubuntu 20.04,Installed minemeld using docker and using minemeld on web interface.I am getting this error and the below log:$ sudo docker logs minemeld*** Running /etc/rc.local...*** Booting runit daemon...*** Runit started as PID 8minemeld: checking if dependencies are running...run: redis: (pid 21) 0srun: collectd: (pid 18) 0sCopy...

minemeld_ui.jpg

Resolved! Zone for vpn

Hello , We have currently three diffent zones defined . Zone A vlan 100. For wired users Zone B vlan 200 for wireless users Zone V tunnel/ loopback interface for Global protect users. All the above users mentioned are corp users. Now customer wants to create. single zone called "All users" and want to put vlan 100 200 and loopback/ tunnel into i...

Resolved! Session moves from ACTIVE to DISCARD in middle of download once zone protection enabled.

Hi Community,I am seeing the below behaviour in my PA-850 running on 9.1.4. Security policy is allowed for traffic.Scenario-1, without zone protection in internet zone - Everything works fin Scenario -2,Having zone protection with pretty much all options enabled for 'IP Drop' and TCP drop' and other options as well. Applied it on internet zone.E...

Resolved! Layer 2 MPLS pseudowire to span HA ports across sites.

Hello, I'm still learning PA and I'm planning to create a pair in HA Active/Passive mode. I was planning on connecting HA1A, HA1B and HA2 to a Cisco switch. Each port on a different VLAN. I was then going to trunk this traffic to a Cisco router (ASR920). I'm then planning to link two sites using layer 2 MPLS pseudowire. As anyone experienced any...

Jedi_D by L2 Linker
  • 3749 Views
  • 2 replies
  • 0 Likes

Resolved! PA-820 Terrible throughput

Hi All, I have a PA-820 running 10.0.3. Lately my main connection was a DSL connection that limited me to 12/1 (on a perfect day). However I finally got on to the Starlink Beta, hung the dish and started getting items setup. When I pass any traffic through the PA, I am limited to <14Mbps down, <1 Mbps up. I have a very simplistic rule set,...

JCRUM12 by L1 Bithead
  • 5289 Views
  • 3 replies
  • 0 Likes

Trouble routing VXLAN traffic as it enters the outside interface

Hello community,I am attempting to create a VXLAN over IPSec solution between my PA-3250 and a remote Fortinet FortiGate 61E. I have managed to get things configured correctly on the FortiGate (I think) as I am seeing the traffic entering on the Palo side. I am using Tunnel Inspection on the Palo side and it appears to be set up correctly. In th...

Want to use IPv6 for bi-directional nat for VC.

Hi, Want to use ipv6 for bi-directional natting only for VC. Want to know the procedure on how to configure it. I have tried https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/networking/nat64/configure-nat64-for-ipv6-initiated-communication.htmlthis link but when I commit the configuration it's got failed.

  • 24337 Posts
  • 124 Subscriptions
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks