This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

 

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! 

 

This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussi

...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 1819 Views
  • 0 replies
  • 0 Likes

VPN Tunnel Monitoring between two Palo Alto devices

Hello,

 

From what I understand, when creating a tunnel monitor between two PA devices it's best to assign IP addresses on the same segment to the tunnel interface on each side.  The monitor is then setup with the remote destination on each side.

 

Examp

...

NobleNOC by L0 Member
  • 2072 Views
  • 1 replies
  • 0 Likes

Resolved! PA HA with Port-Channel towards inside/trust connection

Hi,


We need to add secondary PA-220 to existing (production) standalone PA-220 and make it has Active/Standby. Trust interface on PA will be trunk with two sub-interfaces. Both the PA trust interfaces are going to connect downstream Core switch. Core

...

PA-HA.png

Resolved! Export GlobalProtect MSI file

Is there a way to export a deactivated GlobalProtect client MSI installer from the firewall or download a version from the support website?  A client also has a palo alto firewall, but is on a different client version than what I use internally.  The

...

Resolved! Log export error

Hello All,

 

I am facing issue to export traffic logs from the firewall in CSV format. getting the error "no jobs query found".

 

Troubleshooting:-

* Increased the CSV row number up to 1048576.

* I can export URL filtering logs, security policy, NAT policy

...

VSYS Migartion Query From DC5220 to ISP 5050

Spoiler

Hi Team,

I have below network Architecture

Upstream Internet Firewalls PA 5050 Active/Standby

Downstream Datacenter Deployment 5220 Active/Standby

Now We have 2 VYS in DC 1 is Normal 2nd DMZ Vsys.

Now i have to remove DMZ vsys to ISP can some guide

...

CLI/API command to verify Panorama push diff

Do you know of a CLI command or  a rest API call to push and  to show the changes of configuration to be pushed to a firewall from Panorama? I am trying to automate the process, but could not find any references. 

batd2 by L4 Transporter
  • 2353 Views
  • 1 replies
  • 0 Likes

Resolved! MDM Integration Service Cannot Be Started

I'm getting the following start error message on Windows Server 2019 running ID-Agent.

 

 

 

The MADebug file shows the following as well.

------------MDM Service is being started------------
11/10/20 15:52:06:552[ Info 1414]: Os version is 6.2.0.
11/10/20

...

Screen Shot 2020-11-10 at 16.01.40.png
Screen Shot 2020-11-10 at 16.02.52.png

Resolved! Route path monitoring and tunnel monitoring together?

I'm switching to route path monitoring for VPN backup failover and would like to keep my tunnel monitoring active for down/up tunnel email notifications.  I can set the tunnel monitoring to wait to recover.  Can I use both of these at the same time a

...

treese by L3 Networker
  • 3071 Views
  • 2 replies
  • 0 Likes

Resolved! Aggregate vs Zone protection profiles

We have separate zone protection profiles for each zone. And the definition of aggregate says that "all thresholds apply to the entire group of devices specified in a DoS Protection policy rule". So if we are trying to protect servers in DMZ, unless

...

raji_toor by L4 Transporter
  • 2909 Views
  • 3 replies
  • 0 Likes

Temporary disable Miner / Malwaredomainlist offline

Hello!

 

Does anybody know how to temporary disabel a miner without deleting it from config ?

 

Problem is, that currently www.malwaredomainlist.com gets resolved to 127.0.0.1 and the miner alerts in the log files with

basepoller._poll ERROR: Excepti

...

HA sync option not showing in Panorama

Hi Team,

 

I import the configurations from managed device to panorama then export to managed devices of our A/P firewalls. everything went well. but when I see the summary on panorama passive device template showing as in sync but active device templa

...

Resolved! Managing Windows Services

Ok, so this may be a stupid question, but I have a server that has a web service running under a domain\webservice account.  I want to define a security policy for the service, but the firewall does not consistently get the correct user.  After a reb

...

  • 24244 Posts
  • 117 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks