General Topics

Introducing the LIVEcommunity Support FAQ: Your Valuable Customer Resource

LIVEcommunity is thrilled to introduce its new Support FAQ section, designed to help Palo Alto Networks customers quickly resolve their common queries.

You'll find this new area under the Articles section of the main menu:

Our goal is simple:

...

Resolved! core file crash info

show system files show

-rw-r--r-- 1 root root 653 Dec 2 18:54 all_pktproc_34_8.0.9_37.pcap
-rw-rw-rw- 1 root root 30K Dec 2 18:55 all_pktproc_34_8.0.9_37.info

how can i know why system crashed?

will this crash any outage to MP or data plane?

User Activity Reports showing malware category for a Microsoft website?

On our User Activity Reports, I'm seeing windowsupdate.com with a block-url action and malware category classification. The URL appears to be valid. Does anyone have an idea why this would be happening?

PAN config for ansible jinja

Hi,

I am trying to create a configuration template which I can change certain variables and pushed the config to multiple firewalls.

However PAN is not behaving the way I need. I have two problems which seems to be related to PAN's design.

1) Even if

...

IPSEC VPN Needs to be disconnected when there is no traffic

We have several IPSec tunnels that connect to 4G devices to provide network access in the event of a primary circuit outage. These tunnels do not disconnect after the primary circuit comes back up. Is there a way on the PAN side to disconnect an IPSe

...

What does your general day-to-day running of your PAN environments look like

Hi Gang,

We have Palo Alto Panorama and Firewalls and yes all going smoothly, however, It is not the end once it is up and running.

So I am keen to read on all what you do in the daily administration of your PAN environments. All I have really, in ter

...

Resolved! Query on PA acting as load balancer

We are using VM-100 and would like to use this as a load balancer for our Web services.

We have checked the link below and would like to know if this EMCP load balance incoming traffic to Web servers? Or does this just load balance egress traffic bet

...

How to configure a PBF rule in shared gateway

Hi community,

I want to configure a PBF rule in a shared gateway but i don't know how, can you give me an example for this?

How to retrieve and use Data Collection for Global Protect?

Q: I'm using a PA-3020; is there any default data collection gathered with the GlobalProtect VPN client/agents, or do you have to provide custom registry keys to scan for Windows?

And where can you actually find the information being gathered?

Resolved! Differnece between Threat Prevention Licenses

Hello everyone,

In our environment, we deploy both PA-220's and PA-220R's in the field. Sometimes they are deployed in HA pairs.

I noticed that there's two different types of Threat Prevention license available.

PA-220 (Non Redundant setup)

Mfg. Par

...

Resolved! GP client asks to downgrade

Hello,

We have PAN OS 8.0.3 with the GP client version 4.0.2 deployed to our clients. This works fine. I've downloaded GP version 4.1.0 on my machine and when I connect it asks me to downgrade to an older version. We haven't uploaded any GP client to

...

Syslog Custom Log format PAN-OS version 9.0 ? - (Paloalto Networks QRadar App).

Does this Article relate to PAN-OS version 9 ?

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEcCAK

As I am trying to get feeds into the Palalto Networks App in IBM QRadar and I believe these "LEEF" formats are required bu

...

Resolved! Panorama Logging Behind

Hi all,

The issue that I am having is that all my firewall logs in Panorama are behind in time. I have tried multiple KB articles and support basically went through all the KB articles I found such as restarting the management service, stopping and

...

How to drop or reject an OSPF route in PA 3000 series if it receives a route from another vendor FW

In the data center end, the Cisco ASA firewall is advertising the OSPF route and at the perimeter end Palo alto receives the route, and PA will be forward that route toward Internet communication.

Expectation, if any, specific route received by Palo

...

Resolved! Logging Discarded Traffic

Hello,

I had recently had an issue where I had to move a syslog server behind a cluster of PA-5250.

This syslog server receives logs from different equipements (~ 100GBytes per day) so there is an enormous amount of udp syslog events received by this s

...

Resolved! How to see all the set commands for an IPsec tunnel?

I need to get the display set of all the commands for an IPsec tunnel, like I'd do with a Juniper SRX, but get no return whenever I try to see the commands set for the tunnel. Seems like the tunnel hasn't even been configured, but it shows under ike

...

Discussions