This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

PA-220 radius authentication for management

Hi All, I am trying to configure my PA-220's with Radius Authentication for management access am having some issues around the configuration.The PA-220's are running PAN-OS 10.01.I have created an Admin Role, Authentication Profile and a Radius Server Profile.I have created a Radius Client and Network Policy using the Vendor Specific 25461 attri...

Scott64 by L1 Bithead
  • 2137 Views
  • 1 replies
  • 0 Likes

GP is unable to Sign In IPhone when Connect on Demand Option is Enabled.

Hi Team, I have an issue that, When the Global Protect App is installed on an IPhone / IPad. We are unable to Sign-In / Connect to VPN if the "Connect to On Demand" option is in Enable state. If we disable that option and then tried to Sign In / Connect the VPN we are able to connect. Just want to know the reason behind this why it is connecting...

SahulH_1-1601901920037.png
SahulH by L3 Networker
  • 2312 Views
  • 1 replies
  • 0 Likes

Resolved! Stupid question time........

Let's say I have an objected named "Pizza" with an ip of 10.10.10.10/32 and it is in use on a security rule.I create another object named "Pizza1" with an ip of 0.10.10.10/32 and use it in a different security rule. Could that create a problem with the first rule assuming different let's say destinations or APP-ID/Ports?

Integrating Minemeld Taxi with Cisco ESA

Hi All, I am trying to set-up Taxii output in Minemeld with Cisco ESA and I am receiving below error. The Warning message is: THREAT_FEEDS: Unable to fetch the observables from the source: CofenseTaxiiMinemeld after 3 failed attempts. Reason for failure: Taxii Error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)...

Inbound SSL decryption troubleshooting on PANOS 9

I am trying to configure URL filtering on an internal SSL web host and having problems. I've found multiple videos and articles on both URL filtering and inbound SSL decryption but I cannot get it to work. I've taken a step back and am just trying to verify the SSL decryption is working. I have uploaded the SSL cert (PKCS12 format) no problem...

acravens by L0 Member
  • 4530 Views
  • 3 replies
  • 0 Likes

PA220 HA shutdown problem

Hello, I have an active/passive PA220 cluster which unfortunately had a shutdown and now I want to find out what exactly the reason was.At Monitor -> System: HA Group 1: Dataplane is down: dataplane exit failureHA Group 1: Moved from state Active to state Non-Functional HA Group 1: HA heartbeat backup information has been used for HA state ch...

PA500 Restart Reason Log

I am trying to determine why a PA500 firewall was rebooted...i ran this command: tail mp-log masterd.log and got the below. I couldn't find any references for the restart reasons. How do i know if there was a power outage? Thoughts? 2018-11-28 13:37:13.158 -0500 INFO: l3svc: received user restart2018-11-28 13:37:13.172 -0500 INFO: l3svc: User re...

Expedition Tool Cisco to PA

I am having an Existing setup of cisco where all my ISP are terminated which is a standlalone device ,now migrating to PA 3220 with HA,but over here my ISP will be terminated on switch and from switch one cable to PA 3220 will be going...how do i migrate interfaces of all ISP(Approx 5) to Palo Alto(1).How do i do remap,in this case,will i need t...

Swetang by L1 Bithead
  • 2149 Views
  • 1 replies
  • 0 Likes

Custom Report Start and End Times Inclusive or Exclusive

I am exporting a Custom Report to a CSV and want to make sure I don't miss any data. Scenario 1: I want to include a full day's logs in one file For October 1, 2020. Would I set the start time to midnight and the end time to 11:59 PM, or would I put the end time to October 2, 2020, at midnight?Scenario 2: I want all the data for the full 8 AM ho...

Screen Shot 2020-10-03 at 1.48.55 PM.png

PANOS10 Security Policy Not Matching Randomly

Running a PA220 with PANOS 10.0.1 Simple NAT/Security policy in place to permit an outside application access on X port. Traffic flows as expected, although randomly traffic goes unmatched and is dropped by the FW. Jiggling the handle by remapping the port from 80 back to 2075 with commits corrects the issue. TAC has reviewed the configuratio...

jdigangi by L0 Member
  • 2834 Views
  • 3 replies
  • 0 Likes

Zscaler and Global Protect Compatability

Does anyone come across issues when we are running Zapp and Global Protect client together on MAC.We have GlobalProtect with split tunnel mode and we are in phase of migrating to Zscaler solution. We deployed Zscaler with ZIA enabled to for set users and people started complaining about performance issues.After couple of tshoots we decided to lo...

Resolved! Wildfire Virus detected on firewall but not on Wildfire Portal

Hi, the file t32.exe is considered as wildfire-virus Win32.WPCGeneric.cnp and blocked on the firewall.But when checking this file on Virustotal and eu.wildfire.paloaltonetworks.com/wildfire/ it is considered as benign. https://www.virustotal.com/gui/file/352df104254095ddf925514d99bfb5411c95b5386e90caf06557979f82e16844/detectionThe file is part o...

FMueller by L0 Member
  • 2877 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks