This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4472 Views
  • 0 replies
  • 0 Likes

Does updating definitions/antivirus cause any downtime?

I have a new PA-3020 that is inline on my network, meaning if it goes down then so does my network. Because this PA-3020 is inline I was worried about updating the definitions (only two weeks old right now), and I was not sure if during a definitions/antivirus update, then the 3020 might drop or blip its in/out connections. Basically, if my 30...

PA Firewalls HA Active-Active Routed design with BGP

Hello Everyone,I'm designing an edge network with Active/Active HA. After reading the PA documentation, I found Active/Active Routed based redundancy design which seems best suited for our environment. However the topology shown in Docs is a square model and I'm thinking to add more links to convert it to full mesh to add more redundancy and fas...

HA-AA-Routed-based-Redundancy-Square.jpg
HA-AA-Routed-based-Redundancy-Full-Mesh.jpg
yham81 by L0 Member
  • 7420 Views
  • 3 replies
  • 0 Likes

Resolved! Feature Upgrade: load, install, run !?

What does "base image must be loaded" and "you do not have to install or run the base image" mean? See my screeshot below. The base image is there. Do I have to click on "Install"? The message however clearly says I do not need to do so? So what do I do?

ifstciss_0-1597841414632.png
ifstciss by L1 Bithead
  • 8450 Views
  • 6 replies
  • 0 Likes

DNS Query

Can we configure firewall will allow only one response for one dns request packet. Please suggest

Not able to Ping

I have l3 switch , new vlan is created and its default gateway is PA FW..A machine when connected to trust interface eth1/2 is able to access the internet...but when machines are connected to switch with trust IP range,internet is not working.My machines are not able to access internet,but when i connect a single machine to FW Trust Lan interfac...

Swetang by L1 Bithead
  • 3219 Views
  • 2 replies
  • 0 Likes

Resolved! Adding in an additional new firewall to the edge, attracting return traffic

I currently have a Brand X firewall at our perimeter with a /24 on the outside and private addressing on the inside. I want to add a PAN in parallel to the current firewall and gradually move services from Brand X to PAN. The plan at present is to take a /26 of the public space and route to the PAN outside interface from the edge routes.The tric...

palomed by L3 Networker
  • 3262 Views
  • 2 replies
  • 0 Likes

Regarding Wildfire analysis

Hello Guys, I am preparing for a PCNSA exam and practicing my labs at NDG portal. It is running version 9.0.1. Except for the File from the lab guide the firewall is not sending any other files to Wildfire for analysis. Is their some other things i should be looking at. I downloaded couple of archive, exe and docx files and it is not showing up ...

twitter not working

Twitter is not working. I create the simple policy but I got this error. aslo create the application override but still I got same error i have also change my browser but still same please suggest.

Joshan_Lakhani_0-1597479738514.png

Resolved! APP-ID Doubt

hello community, I have a question that I have not been able to solve with the study material and it keeps breaking my head.Here it goes, when I generate an application-based security policy, for example from "trust" 10.xxx to "untrust" anywith app anydesk specification (with the ssl dependency), I see the corresponding traffic between the inter...

ServiceRoute

I have configured trust and untrust zone with respect to their interface. I create policy of any any...my firewall internet only work when i configure service route and destination as outgoing interface,if i set it as default and select use management for all interface...my firewall lose its internet connectivity for upgrading OS,URL updates. My...

Swetang by L1 Bithead
  • 2433 Views
  • 1 replies
  • 0 Likes

Veteran Exam Voucher

Hi, I'm in the process of working on my Palo certification and saw that I could request an exam voucher on https://live.paloaltonetworks.com/t5/second-watch-articles/step-10-request-exam-voucher/ta-p/304454 but I have received no response from the folks at certification@paloaltonetworks.com for over a week. Has anyone had any luck getting a vou...

swtucker by L1 Bithead
  • 7010 Views
  • 5 replies
  • 0 Likes

Resolved! gp logs sync with the passive but with time difference!

Hello, Logs should only be placed in the active node, however i am keep monitoring the globalprotect logs for 3 days and i am sure that the active node does not change, however the logs is still appears on both nodes each with different time. Did some one noticed this ? PAN OS 9.1.3-h1

Resolved! [API]PYTHON PANDEVICE - SET SECURITY PROFILE

Hi all, I'm using PaloAlto's API for the first time.My idea is the following: - for each rule, I would like to apply a security profile based on the service setted. Reading some docs online i wrote this pseudocode. HOSTNAME = '192.168.55.10' API_KEY = 'My_Api_Key' fw = pandevice.firewall.Firewall(hostname=HOSTNAME, api_key=API_KEY) rulebase =...

Chango by L1 Bithead
  • 11504 Views
  • 7 replies
  • 1 Likes

Publish Custom ACC Tabs

I created a custom ACC tab with some filtered widgets and need to share it with some other users to monitor the network over the weekend. The users are not proficient with panorama, I basically want them to watch the tab I have created and call if X criteria is met. Is there a way to publish my tab so it appears on all the user accounts without...

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks