This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

Integrating Minemeld Taxi with Cisco ESA

Hi All, I am trying to set-up Taxii output in Minemeld with Cisco ESA and I am receiving below error. The Warning message is: THREAT_FEEDS: Unable to fetch the observables from the source: CofenseTaxiiMinemeld after 3 failed attempts. Reason for failure: Taxii Error: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)...

Inbound SSL decryption troubleshooting on PANOS 9

I am trying to configure URL filtering on an internal SSL web host and having problems. I've found multiple videos and articles on both URL filtering and inbound SSL decryption but I cannot get it to work. I've taken a step back and am just trying to verify the SSL decryption is working. I have uploaded the SSL cert (PKCS12 format) no problem...

acravens by L0 Member
  • 4593 Views
  • 3 replies
  • 0 Likes

PA220 HA shutdown problem

Hello, I have an active/passive PA220 cluster which unfortunately had a shutdown and now I want to find out what exactly the reason was.At Monitor -> System: HA Group 1: Dataplane is down: dataplane exit failureHA Group 1: Moved from state Active to state Non-Functional HA Group 1: HA heartbeat backup information has been used for HA state ch...

PA500 Restart Reason Log

I am trying to determine why a PA500 firewall was rebooted...i ran this command: tail mp-log masterd.log and got the below. I couldn't find any references for the restart reasons. How do i know if there was a power outage? Thoughts? 2018-11-28 13:37:13.158 -0500 INFO: l3svc: received user restart2018-11-28 13:37:13.172 -0500 INFO: l3svc: User re...

Expedition Tool Cisco to PA

I am having an Existing setup of cisco where all my ISP are terminated which is a standlalone device ,now migrating to PA 3220 with HA,but over here my ISP will be terminated on switch and from switch one cable to PA 3220 will be going...how do i migrate interfaces of all ISP(Approx 5) to Palo Alto(1).How do i do remap,in this case,will i need t...

Swetang by L1 Bithead
  • 2169 Views
  • 1 replies
  • 0 Likes

Custom Report Start and End Times Inclusive or Exclusive

I am exporting a Custom Report to a CSV and want to make sure I don't miss any data. Scenario 1: I want to include a full day's logs in one file For October 1, 2020. Would I set the start time to midnight and the end time to 11:59 PM, or would I put the end time to October 2, 2020, at midnight?Scenario 2: I want all the data for the full 8 AM ho...

Screen Shot 2020-10-03 at 1.48.55 PM.png

PANOS10 Security Policy Not Matching Randomly

Running a PA220 with PANOS 10.0.1 Simple NAT/Security policy in place to permit an outside application access on X port. Traffic flows as expected, although randomly traffic goes unmatched and is dropped by the FW. Jiggling the handle by remapping the port from 80 back to 2075 with commits corrects the issue. TAC has reviewed the configuratio...

jdigangi by L0 Member
  • 2857 Views
  • 3 replies
  • 0 Likes

Zscaler and Global Protect Compatability

Does anyone come across issues when we are running Zapp and Global Protect client together on MAC.We have GlobalProtect with split tunnel mode and we are in phase of migrating to Zscaler solution. We deployed Zscaler with ZIA enabled to for set users and people started complaining about performance issues.After couple of tshoots we decided to lo...

Resolved! Wildfire Virus detected on firewall but not on Wildfire Portal

Hi, the file t32.exe is considered as wildfire-virus Win32.WPCGeneric.cnp and blocked on the firewall.But when checking this file on Virustotal and eu.wildfire.paloaltonetworks.com/wildfire/ it is considered as benign. https://www.virustotal.com/gui/file/352df104254095ddf925514d99bfb5411c95b5386e90caf06557979f82e16844/detectionThe file is part o...

FMueller by L0 Member
  • 2907 Views
  • 1 replies
  • 0 Likes

Resolved! IPSec Transport Mode

I cannot find a way to configure the IPSec tunnel encapsulation to use Transport Mode versus Tunnel Mode in either the GUI or CLI ... anyone have insight into this?

aragone by Not applicable
  • 6150 Views
  • 4 replies
  • 0 Likes

Resolved! Query on Path monitoring

Will Path monitoring kick in if Enable HA is not selected?One of the KBs mentioned path monitoring failure which cause the loop condition.

HA.png
Link and Path Monitoring.png

Minemeld High Availability

MineMeld needs to be deployed in a high availability model, so if one goes down firewall will not start blocking allowed traffic from the rule base. What is the recommendation here?

Evaluation License

Hi guys, How do i get or buy evaluation license here? I do not see a link that suggest where to get or what process is needed. I'm running a PA lab on EVE-NG and wanted to be able to run Panorama. Now, i know to do that, i need to get a eval license. Please, help. Thanks

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks