This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Resolved! Jumpcloud RADIUS Auth failure

Hi, I have configured a RADIUS profile to use a "Directory as a service" provider (JumpCloud) for authentication, I have tested this with LDAP and everything seems to work as intended but when I configure the Radius profiles and test authentication via the cli I get the following responseFailed EAPOL auth (-1). Response for user: "bob" from RADI...

Marc_T by L2 Linker
  • 11775 Views
  • 7 replies
  • 1 Likes

Expedition 1.1.88 hangs during XML export due to ASA Tags/Objects

I have a repeatable issue with Expedition. I have an ASA with 3 contexts, no matter how i import them, export refuses to pull out tags cat /etc/tmp shows: Notice: Undefined offset: 0 in /var/www/html/libs/common/xml/panosxml.php on line 1752Fatal error: Uncaught Error: Call to a member function addChild() on null in /var/www/html/libs/common/xml...

what is mean ---authentication cannot have more than one subconfiguration

I use two PA820s for ipsec vpn and used certificate-Based Authentication for IKEThe 820-A version is 8.1.6 and the 820-B version is 9.1.4.820-A configuration ike gateway no problem。820-B will report an error when configuring ike gateway ,authentication cannot have more than one subconfiguration,I attach a screenshot for reference.Do anybody ha...

Felixcao by L3 Networker
  • 3830 Views
  • 3 replies
  • 0 Likes

Allow Sub-URL to Specific IP

Hi All, We've 'abc.com' as primary URL which should be accessed by all. sub URL - 'abc.com/odata' should be allowed to access only to specific Public IP which we mention. Please suggest how we can apply these policy in PaloAlto. Thanks,Sathish

Changing an appliance management IP on a Panorama managed appliance

Hello, I have to reconfigure management IPs on PAN-OS 8.1.x firewalls, which is managed also by a Panorama 8.1.x server. My thinking re process is as follows: Add new policy to allow Panorama to new Mgt IP on applicable firewalls and vice versa.Reconfigure management IPs on firewalls (locally)Reconfigure Panorama device groups etc with new manag...

gcampbe9 by L0 Member
  • 2824 Views
  • 1 replies
  • 1 Likes

Device Health Status

Hi Team, We have few firewalls (5520,5260, 3220 and 3260) managed by Panorama. I wanted to check the health status of those firewall. I found some of them are in Deviating Devices list due to the memory / CPU consumption. For example, in some devices the memory is 18% and it is in Deviating Devices list. Some devices memory utilization is 22 %, ...

How to fix this vulnerability in palo alto?

Hi, Please help to resolve the following vulnerabilityVulnerabilities :1. HTTP DELETE Method Enabled (http-delete-method-enabled)2. HTTP OPTIONS Method Enabled (http-options-method-enabled)3. TLS/SSL Server Supports The Use of Static Key Ciphers (ssl-static-key-ciphers)Thanks in advance

Changing password over GlobalProtect

Hi team,Does anybody know if there is any compatibility issue between Palo Alto and Aruba Clearpass for changing users' passwords?When we use Microsoft NPS, GlobalProtect users will be prompted for changing their passwords when the passwords are expired. However, when we use Aruba Clearpass instead of Microsoft NPS it doesn't work. The only work...

Resolved! Block microsoft updates by blocking ms-update app ?

Hello all,What is the best way to block microsoft updates on the PA ?I have seen the url filtering suggestion but was wondering could we just drop via ms-update app ?https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbvCAC TksDermot

Resolved! Miner Node Connection Broken

Hello Folks, I've had MineMeld running successfully since August of 2018 with a number of nodes all working flawlessly until recently. One miner in particular is exhibiting an error after a drawn out polling session. Eventually, the miner goes into an error state and when hovered I receive the folowing: It's odd because this miner is still ...

Untitled.png
Capture.JPG

I need to block the file with it's classification content.

I am new in Palo alto I would need to block the file with it's classification data, in attached screen shot there is AdNew file and its classification on properties section is "Deepika_Classification" Label is there I need to block as per it's label. We are sending a classification name from the api but we need to search file if file contains i...

vivekbajpai_0-1607446416873.png

Panorama 10.0 Issue with Risk Factor displaying as zero

Hey everyone! So one of customers recently migrated to PAN-OS 10.0. They have a couple of firewalls, a M200 as a log collector and a Panorama appliance. The ACC initially doesn't show any data, which it did with previous releases. We must switch in a drop down menu and select the DataSource: Remote Data Device, which apparently loads data from t...

PA-VM (v8.1.10) shows ETH interfaces at 10G and need them to be 1G

Running GNS3 on VMWare Workstation setup.I have PA-VM installed running v8.1.10 code.Everything runs well but seeing that my interfaces are running at 10G (by default) and I can't change that.In Network-Interfaces-Ethernet-Advanced - "Link Setting" - Link-Speed and Link-Duplex are "grayed" out and set to AUTO.Using CLI my only option is "auto".T...

change log retention days

hello all, I'm trying to change the log retention days but i'm not sure about the below:- Does it required a restart or rebooting?- Does it have any impact on the firewall configuration or the services configured on it? Your help will be really appreciated,

HA, Active-Active or Active-Passive

Dears Expertise,we have 2 PA-3220, and we think to configure HA between those devices,now what is the best practices for mentioned topic Active-Active or Active-Passivejust i want to know what is the essential difference between them, when i need to use Active-Active or Active-Passive

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks