This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4111 Views
  • 0 replies
  • 0 Likes

Authorization codes

Hi Can anyone guide me how I can renew licencing with new authorization codes ? From where can I purchase them please ?

cclltd by L0 Member
  • 1967 Views
  • 1 replies
  • 0 Likes

Issue exporting a complete configuration out of Panorama to put into Expedition

We are starting a massive refresh project that will require us to split existing firewall functions onto separate devices. Plan was to pull the existing configurations out of Panorama for each target device into Expedition and then alter and improve the configurations as needed there before exporting/importing to a new Panorama and the new firew...

Resolved! Paloalto firewall bgp local rib

Hi,In plaolto bgp routing table, Local rib is showing the same subnet asprefix flag nexthop172.16.50.0/24 = 172.16.1.9172.16.50.0/24 * 172.16.1.5 what does this "=" means?

Angular JS and weak TLS ciphers such as 128 bit vulnerability

Hi Team As we could not able to find out the below vulnerability which is found on below model during penetration testing So , Please help us to find out the details for this vulnerability and let us know if any workaround is there or not. CVE-ID-2020-7676 Anyone got the similar vulnerability ? RegardsMohammed Asik

certificate authentication to establish a site-to-site VPN

Hi everybody, Does anyone knows if it's required by Paloalto that the identification data fields during ike setup be encoded with utf8string? Or is there an incompatibility in Paloalto if these fields are encoded with printablesting? The other end is not a Paloalto, if we use pre-shared keys it works fine.If I load the certificate from the other...

BigPalo by L4 Transporter
  • 2033 Views
  • 1 replies
  • 0 Likes

Rules audit

Hello all,I am looking for firwall hardening rules auding. what should be in consideration and i have only GUI view privilege's.Regards

raoali by L0 Member
  • 2239 Views
  • 1 replies
  • 0 Likes

Aggregate Interface MAC is not Showing in cisco switch

Hello Everyone,We have configured LACP between paloalto and cisco switch and Aggregate Interface is showing up at both end but at peer switch its mac address not showing. However physical port of other interface mac address is showing on that switch. Please suggest what is next plan of action. model: PA-5220sw-version: 9.0.5

Antivirus Policy - Action based on Severity Level

Hey All,we have Antivirus policy in place and we are seeing many, what we believe are, false positives. Mostly on PDF files. Since number is rather high, reporting each one seems a bit excessive. What they all have in common is their severity which is MEDIUM.With that said, our approach would be to deny only HIGH and CRITICAL severity event and ...

Mail alert or report for schedule policy expiry time in firewall

Hi Team In Palo alto firewall whatever the time based policies is going to expire for that we want to configure the mail alerts or reports for example if any rule is going to expire on date of 24 October we should get report or mail alert of those rules by today (2 days before) , how we can achieve this?Is it possible in palo alto ? RegardsMoham...

Resolved! Layer 2 Virtual Wire and Layer 3 in on PAN

The network I inherited has a Cisco ASA and a PAN 3220 operating asa virtual wire in serial. The NATs and most of the ACLs are at the ASAwhile the PAN takes care of other protections such as geo blocking, correlation alerting and so on.{Internet}--[Edge RTR]--[ASA]--[PAN]--[L3 Switch] I was hoping to put in another pair of PANs into our cage. Bu...

palomed by L3 Networker
  • 4481 Views
  • 1 replies
  • 0 Likes

IPSEC VPN intermittent issue

HI, I have IPsec vpn tunnel between Palo alto to cisco asa, tunnel is UP however it disconnect intermittently. Is there any way to check reason behind disconnection in logs? I have applied path monitoring but it show only UP and down logs not exact cause. ThanksDhananjay Bhakte

Live community email DMARC issue

Notification emails that I normally get from the Live community are failing DMARC checks which is causing them to be quarantined. Their DKIM appears to be invalid and SPF is also failing. This has been happening for probably a week or so. I've been unsuccessful in reaching anyone at Palo Alto to get this resolved. If anyone here is able to a...

cchaffee by L1 Bithead
  • 2969 Views
  • 1 replies
  • 0 Likes

Probably a Stupid Question Tagged Interface

This is probably a stupid question, but if I just create another Layer-3 sub-interface off of an existing physically connected interface, and TAG that sub interface, that is all I need to do to bring a tagged trunk in through an existing physical connection right? Excluding, zones, virtual routers, policies, and all that other stuff, but the con...

birkhojk by L2 Linker
  • 2152 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks