This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4108 Views
  • 0 replies
  • 0 Likes

PA 200 Connected to 4G Router

Hi Folks,We currently have a primary direct internet from the ISP to the Palo Alto PA-200 configured with LSVPN .As we plan to have a secondary Internet, we want to connect the Palo Alto PA-200 with 4G Router using LSVPN as well. The problem is the public IP address is assigned to the 4G router and we'll connect it via LAN With PA-200 as the dia...

4G-PA200.jpg
Adam42 by L1 Bithead
  • 7141 Views
  • 6 replies
  • 0 Likes

OSPF: more detailed logs?

We're still experiencing the occasional OSPF adjacency drop, although it's much improved since our changes over the summer. However, the log entries in the System log is anything but useful: OSPF adjacency with neighbor has gone down. interface ae2.211, neighbor router ID 10.200.11.96, neighbor IP address 10.200.11.96.Is there any way to get mor...

fjwcash by L4 Transporter
  • 16990 Views
  • 5 replies
  • 0 Likes

Monitor Traffic Shows Sess Still Active over Tunnel Even After Int Failed

We're provisioning and testing a dedicate wave circuit and an Internet-IPSEC backup between two PANs. (We are also running IPSEC over the wave circuit). We noticed a phenomena of sorts and was wondering if anyone has experienced this: We purposely failed the upstream PAN's WAVE circuit's ethernet interface to test failover to the internet-IPSEC....

Panorama and User-ID Compatibility (9.0) with NGFW in 8.0

Hello, We are being affected by a bug that disconnect the Virtual-Wire interfaces in the switches. We are in 8.0.8 version and we wanted to upgrade to latest 8.1. We discover recently if we upgrade to 8.1.0 the bug doesn't affect us and the TAC told us to upgrade to 9.0. Anyway, the compatibility for 9.0 version requires also upgrading Panor...

AitorGD by L1 Bithead
  • 2900 Views
  • 1 replies
  • 0 Likes

Panorama CLI commit process

Hi , Could you please confirm the cmd equivalent to "commit and push " in panorama . I am trying to commit the changes using Panorama cli . I tried using commit partial device group <name> but changes are only showing in Panorama not on the firewall . Thanks

deepak12 by L3 Networker
  • 17662 Views
  • 5 replies
  • 0 Likes

my OneDrive for Business get block

HII try setup a policy to allow traffic for OneDrive for Business. but the traffic all just incomplete. My PAN os is 7.0.1, I allowed all onedrive, sharepoint, sharepoing online, office365, ssl and web browsing, but still cannot communicate with onedrive, all traffic show incomplete. do you have any idea. Regards and thanks

Bin by L1 Bithead
  • 5865 Views
  • 3 replies
  • 0 Likes

Resolved! SSL Inbound Inspection for single server hosting multiple websites

We are looking to implement SSL Inbound Inspection for a single server. However a different certificate is used, based on the website being accessed. My theory for the solution:1. Create a custom URL Category for each individual website.2. Upload each website's certificate onto the Palo Alto 3. Create an individual decryption policy for each web...

Disable NAT from Untrusted to Trusted device

Hello! I am trying to port forward port 25 traffic without a NAT to an email security appliance behind the firewall. The problem is when SMTP traffic is forwarded through the Palo Alto the client-IP address of all e-mail going to the email security appliance is the private IP of the Palo Alto. I need to disable NAT for this traffic so that the I...

daemon and processes.

Hi team, I would like to know why Daemons and processes ids are getting suspended or not working.I can see that which daemon stopped working by this cmd, > show system software statusand for example: routed is stopped and i have restarted the routed process.But here i want to know what caused that daemon to not work ? Is there a way to check ...

Global Protect Gateway certificates when using SAML

We recently switched to using SAML (ADFS) authentication for connecting to our Global Protect Gateways. These GP Gateways have a SSL/TLS Service Profile with a certificate signed by a CA created within the PaloAlto firewall that serves as the portal. This all still seems to still be the recommended setup at https://docs.paloaltonetworks.com/glo...

packet loss

Hi,when I am downloading file from internet , I can see lot of packet loss and congestion in wireshark capture analysis .I want to make sure PA is the culprit How can I verify this . I have disabld QOS on PAThanks

simsim by L4 Transporter
  • 2636 Views
  • 2 replies
  • 0 Likes

Resolved! Default EDLs and manual exceptions

I'm working through a best practices assessment and one of the recommendations is to create security policies to deny traffic inbound or outbound to the two default external dynamic lists: 'Palo Alto Networks - Known malicious IP addresses' and 'Palo Alto Networks - High risk IP addresses'. My concern, though, is that we have multiple sites con...

  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks