This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4222 Views
  • 0 replies
  • 0 Likes

application showing as incomplete + ipsec tunnel issue

Hi, I have an IPSec tunnel to a 3rd party, which we have some intermittent issues with. at the time that 3rd party lose its connection to us, under monitor> traffic I can still see traffic flowing but with application showing as incomplete. as I understand, incomplete could mean that source start a 3-way handshake but doesn't get a syn ack b...

AY_FASAR by L1 Bithead
  • 1949 Views
  • 3 replies
  • 0 Likes

Upgrade with High avaibility

Hi everyone, i've 2 PA-500 with no contract since 2022. Now i've to made change but the commit doesn't work because error duplicate application name "Bing-Ai-Base" i can make an upgrade but we didn't make that since march 2022. How can i make an upgrade on one of the two PaloAlto without impacting the other one (in case i've a upgrade issue, ...

info by L0 Member
  • 810 Views
  • 1 replies
  • 0 Likes

Resolved! Export/Import Named Configuration Snapshot

Hi everyone! Can someone confirm that the subject can only be done by "superuser" account? I can't find any documentation that says so. I'm wondering because "export device state" is visible for superuser account, when using a "device administrator" (dynamic role), "export device state" is not visible. Both Export and Import named configuratio...

RVizcarra by L4 Transporter
  • 6493 Views
  • 7 replies
  • 0 Likes

Resolved! Changing priority between eBGP and OSPF learned routes

I have an interesting problem that I haven't found a satisfying solution for. I have various remote sites connected via private circuit with OSPF, and then IPSec VPN with eBGP learned routes. The administrative distance of eBGP is 20, and the administrative distance of OSPF is 30. I believe these are the defaults. Right now, if there are two pa...

khsieh by L2 Linker
  • 15977 Views
  • 10 replies
  • 0 Likes

GlobalProtect Authentication failed Error code -1 after PAN-OS update

We are on PAN-OS 8.0.6 and have GlobalProtect and SAML w/ Okta setup. It has worked fine as far as I can recall. However when we went to upgrade to 8.0.19 and any later version (after trying that one first), our VPN stopped working. The client would just loop through Okta sending MFA prompts.On the web client, we got this error: "Authenticat...

2019-08-24_20-40-33.png

i could noti nstall the image,

i need help for the upgrade. I have down the image. but when i try to upgrade, i did not find any device or panorama to be select I only have small window for the upgrade i need help now

Weiweili by L0 Member
  • 661 Views
  • 1 replies
  • 0 Likes

removing a Palo alto from my portal

Hi everyone, I had a polo alto firewall that I sold on ebay as I no longer needed it, it's out of licence/ support. How can I remove it from my portal? Would that impact the ability of the person who bought it from me to use it at all? Thank you

nevolex by L3 Networker
  • 742 Views
  • 1 replies
  • 0 Likes

Resolved! PANOS 8.0.4 warning ipv6 not enabled on tunnel interface

Hello All,I just upgraded to 8.0.4 and now when I commit the tunnel interface associated with my external GP gateway gives a warning that "ipv6 is not enabled on the tunnel interface tunnel.1. IPv6 address will be ignored!"Did something change in the gateway configuration. I've gone over and over a few times and am not finding a reference to I...

dan731028 by L3 Networker
  • 20718 Views
  • 15 replies
  • 0 Likes

Resolved! maximum number of bgp routes for VM-series

Hello Community, I found that the BGP forwarding table size entries for VM-Series FW (VM-100 to VM-300) ranges between 100 to 5000. Does it mean that if the number of advertised BGP routes received by the FW exceeds the forwarding table capacity this can lead to issues?

M.Fassel by L0 Member
  • 1576 Views
  • 2 replies
  • 0 Likes

Cisco Webex Calling - One way calling

Does anyone utilize Cisco Webex Calling with a Palo Alto firewall? We run Webex calling and ever since we switched to the palo alto, calls sometimes will only go in one direction (you can hear them, they cant hear you) or no way (either sides cant hear eachother). I reverted back to PAN-OS 9.1.1 hoping that would resolve the issue but the issue ...

matlat by L0 Member
  • 4085 Views
  • 3 replies
  • 0 Likes

Issue with user detection on terminal server

Hello everyone, We're having an issue with our terminal server agent software on multiple terminal servers running Windows Server 2019. The problem lies in recognizing users who are logged on to these servers. The TS Agent sees the users on the Terminal Server Agent Monitor tab, but they do not appear in the traffic log in the Firewall Sourc...

Terminal Server doesn't work with Microsoft applications

Hi guys,We faced an issue where users' traffic related to office applications from a system, on which Terminal Server is installed, gets dropped by the firewall due to the unknown source user. We are using Terminal Server Agent as the means of user identifications. Web browsing and traffic related to other applications pass through the firewall ...

AWS Tunnels Down when We make a Failover

Hello everyone, I have observed that when a failover occurs on an active/passive cluster the IPSEC tunnels to AWS all go down and take a time to recover. I have verified that the traffic goes down and does not communicate for a time of about 5-10 minutes.Has anyone else seen this problem and do you know how I can fix it?I would also like to comm...

Alpalo by L4 Transporter
  • 13144 Views
  • 13 replies
  • 0 Likes

Resolved! Flexible vCPU VM Firewall interfaces are down

Hi, I have a problem with bringing up interfaces on a VM firewall running with this configuration: vm-license: VM-SERIES-2 vm-cap-tier: T1-5GB vm-cpu-count: 2 vm-memory: 5061728 vm-mode: VMware ESXi sw-version: 11.1.4-h13 show interface hardware total configured hardware interfaces: 2 name id speed/duplex/state ...

  • 24355 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks