This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

Resolved! Only 0.0.0.0/32 Obtained from MindMeld Query

I have been using MeldMeld for several months in a lab environment with great success. Recently I setup a new server for our production firewalls but I have encountered a problem that I have not been able to solve. I can query MindMeld using a regular web browser with no problems and obtain expected ranges of IP's by using the following URL form...

jnye by L1 Bithead
  • 12211 Views
  • 6 replies
  • 0 Likes

Resolved! Multiple Portals for Global protect -Configuration check-Inputs needed

Hello ; For one our Customer running PA 3200 Series in HA having GP License ( HIP checks) Currently the GP Portal and Gateway have common Interface . The GP URL is vpn.connection.it ( sample name) The requirement is that Internal Users use the URL : internal.vpn.connection.itExternal Users(Partners) use the URL : external.vpn.connection.it ...

Resolved! Microsoft CERTSRV

Why does this have to be so difficult? I want to create a cert on the palo. Device > Certificate Management > Certificates > GenerateHighlight Generated Certificate > Export Certificate > Open with NotepadCopy contentsGo to my Microsoft CERTSRV > Request a CertificateHere is where it starts to get a little fuzzy.....User Cert...

Resolved! test security-policy-match command giving me odd output?

I was trying to work out which security policy applied to traffic through my Palo Alto from 10.77.22.10 (in the trust zone) to 10.99.0.1Firstly, I wanted to confirm what zone 10.99.0.1 was in using this page : https://alwaysnetworks.co.uk/identifying-which-zone-a-subnet-is-in-on-a-palo-alto-firewall-script/ administrator@CAMPA01(active)> tes...

Resolved! Polling JSON Format for AKAMAI

I am trying to create a prototype for a Miner that pulls IP's from a JSON formatted file. I have looked at the documentation for setting up a JSON miner (https://live.paloaltonetworks.com/t5/MineMeld-Articles/Using-MineMeld-to-extract-indicators-from-a-g...) and this topic similar to my issue (https://live.paloaltonetworks.com/t5/minemeld-discus...

Resolved! How to enforce GlobalProtect Connection for Network Access on iPhone with GP 5.0 App

Hey Guys, i'm currently testing the GlobalProtect App 5 with iOS Deviecs and Airwatch MDM. Everything works great, but it seems like that it isn't important which setting i've selected in the Portal > Agent > App (Settings). I've tried to enforce GlobalProtect for Network Access on iPhone but i can still deselect "connect on demand", so it...

Resolved! Migration without Expedition

HelloIf I wanted to migrate from Checkpoint to Palo with Panorama, but not use Expedition, what would be the general steps? Thank you for your time.

Configure HA1/HA2 command line

Need to configure the following in CLI:Control Link (HA1)Port ha1-a Control Link (HA1 Backup)Port ha1-b Data Link (HA2)Port ethernet1/1 Data Link (HA2 Backup)Port ethernet1/2 Any insight would be appreciated.

PA-5250 Power Supply Question

Do the power supplies within the PA-5250 load share? This is probably a real simple question but I have not found an answer within the documentation yet? Thanks!

B_Turner by L0 Member
  • 2976 Views
  • 1 replies
  • 0 Likes

Resolved! import device state order

Hi,I've done this successfully in the past, but cannot remember the proper order. I have a PA-200 that I want to replace with a PA-220. The PA-220 is in Panorama, its a device group + template. Should I1) configure the PA-220 with basic ip connectivity to Panorama, add the serial add it to the device group, template, push the config and then ...

ce1028 by L4 Transporter
  • 19902 Views
  • 12 replies
  • 0 Likes

PAN-DB URL Version Remains 0000.00.00.000

The firewall is running 9.1.4 (5250). The mgmt interface does not have general internet access so service routes have been configured for the following to use the external interface (internet connected): DNSEDLNTPPalo Alto Networks ServicesURL Updates Policy is created to allow outbound traffic to the internet sourced from the external IP (NAT ...

jlieberman_0-1600970729070.png

Resolved! Palo Alto LACP to Nexus

Hi all, I have an upcoming deployment and I need your inputs here. I will be replacing a fire that is configured in HA Pair with a PA-3220 non HA pair. The core switch of the client is configured as a active-passive (NX-OS). My concern is, can I enable LACP on Palo Alto side and make it a routed interface and assign IP to it and on the nexus s...

Portal not found. Please re-enter or contact an administrator for help

This is a confusing issue because it's NOT happening on other machines within the same network (same ISP, etc). I go as even as far as testing on a virtual on the same machine that is having the issue within the host operating system. I'm not getting this error within the Virtual, but getting it on the host OP that is the same machine. I was ...

difference between nego-fail and lacp-up event

Multiple logs are generated for LACP on passive firewall , but not sure whether this event generated due to layer 1 issue or config issue at switch end. We never faced this king of issue , this log are generated all of a sudden on passive firewall. Looking for exact meaning for below events . PFA image1. Link-down2. nego-fail3. lacp-up there is ...

Deepak_K_0-1601271762681.png
Deepak_K_1-1601271790244.png
Deepak_K by L3 Networker
  • 5995 Views
  • 1 replies
  • 0 Likes

Expressway-E and C and NAT

I am putting in a Jabber system using Expressway-E and C. My Expressway-E server is NAT'd through the PA-3020 and I have a security rule set up to allow the required ports in on the Public address. If I make a call IN from an external Jabber client it goes through fine. If I try to make a call OUT from a phone to a jabber client, the call does n...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks