This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Using Palo Alto firewall as a proxy (anonymous browsing + URL filtering)

Hi all, We currently have a setup using a Forcepoint Content Gateway for proxy server with an external facing Palo Alto 850. The main we reason with use the Forcepoint appliance is for: 1. "Anonymous browsing" (no leakage of internal IP spaces)2. DLP3. URL Filtering Ideally, I would like to remove this appliance to simplify our setup and I under...

Gregoryp by L1 Bithead
  • 10158 Views
  • 2 replies
  • 0 Likes

PAN OS Session Table Clearing -> no RST/FIN Connection sent out ?

Hi Experts, I have the following situation. I'm running an A/A HA Cluster based on 2 5220 PA Appliances (PAN OS vers 9.0.x) Occasionally (following a failover event) we noticed that some of our Long Lived sessions (NFS + Oracle DB Sessions) active across the cluster do not seem to be properly handled at session table level cluster wide any longe...

Resolved! Book for Palo Alto

Hello Everyone, Hope you all are doing fine. I am new to PA firewall and just started to study PA concepts from PA forums. But i want to purchase book and study from it. Could someone please advice if below book would be good to start from scratch? . I found it on amazon Mastering Palo Alto Networks: Deploy and manage industry-leading PAN-OS 10....

Resolved! Trouble with IPSec Site2Site VPN

I am a beginner in the Palo Alto World.I want to setup a Site2Site VPN to a customer.The customer has a Palo Alto System running.I cannot get the tunnel up.The admin of the customer and me are troubleshooting the problems, but so far nothing is working.The customer site seems to be ok, because he has some other site2site VPNs running.My firewall...

c.keller by L1 Bithead
  • 9593 Views
  • 8 replies
  • 0 Likes

Resolved! HA not working with interface monitoring any

Hello all, i configured HA between paloalto peers , and HA failover as default without definig specifc interfaces and left it to "any" when interface of inside zone shutdown from switch side , failover will not be trigered ? and need to fix it

BPA - Sanctioned apps

This might be a naïve question. But how does it help me/organization going through every single app and marking it sanctioned, tolerated or unsactioned. It seems to me of no use, other than for the reports for executives, while apps still get allowed only after the CAB approval.

raji_toor by L4 Transporter
  • 4830 Views
  • 4 replies
  • 0 Likes

Resolved! Globalprotect VPN tunnel interface-IP address

My global protect VPN's tunnel interface does not have an IP assigned but I would like to assign it a fictitious IP to enable tunnel monitoring/ dynamic routing. will it cause any issues to the remote users? what role does this IP play in the tunnel interface?

Cant commit to panorama - This config has been sanitized

HelloIM trying to modify one of template and create extra account. However i receive this error. Partial changes to commit: changes to configuration by administrators: adminChanges to template configuration: (firewall_template)This config has been sanitized of password data because it was exported by a non-superuser or was part of a tech support...

wjt82918 by L1 Bithead
  • 5966 Views
  • 1 replies
  • 0 Likes

Resolved! Upgrade dedicated log collectors from 8.1.6 to 9.1.4

After upgrading, I can no longer login to the dedicated log collectors via the CLI or serial console.Prior to the upgrade, and I mean just before, I did login via ssh to show system info and see I was at 8.1.6.Right after the upgrade, my intention was to do the same but can no longer login. I tried to set the admin password via panorama and push...

MarkDufault_0-1602179567003.png

User-ID Agent, uninstall slows down network logons

Hello, I am not a Network Engineer but am trying to assist the folks running the network at my company. I am in charge of Active Directory. The Network Engineers recently uninstalled the Palo Alto User-ID from two of my Domain Controllers. Since then, we have seen network slow downs randomly, for certain Netlogon connections between Domain Contr...

Resolved! BGP wildcard filtering to prevent /32 regardless of network

Hi Forum Folks, is there a way to filter within PA BGP's all /32 networks ?we have a community based connection to a customer and i want to prevent redistribution of *.*.*.*/31-32 networks As far as i tried, i have to be very specific with such a filter on the PAe.g.10.19.18.0/3010.20.99.0/30I have to create a filter for each of theminstead ofe....

VPN - INTERMITTENT/UNSTABLE VPN CONNECTION

Hi,In my team multiple users upgraded windows 7 to windows 10 after that VPN intermittent issue happened. every 5 seconds VPN(GP Clint) is disconnected. i tried uninstalled GP in mobile and also laptop but still same happened. latency is normal and tracert is completed.. How can resolve this please update. This morning, we had a walk in user tha...

Resolved! When will the GlobalProtect GUI be supported on Ubuntu 20.04

I see on the following documentation page that only the CLI version of GlobalProtect is supported on Ubuntu 20.04, not the GUI version. Does anyone know when the GUI version wil be supported, or where I should look to find this information? Thanks!https://docs.paloaltonetworks.com/compatibility-matrix/globalprotect/where-can-i-install-the-glob...

arderyp by L0 Member
  • 16727 Views
  • 3 replies
  • 0 Likes

Resolved! unable to block exe files after using File blocking Profile

I have followed https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/threat-prevention/set-up-file-blocking and created a file blocking profile to block Downloads of exe format while browsing. But it still does not block the exe downloads on the server i applied the file blocking profile. Please check and suggest the fix.

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks