This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4126 Views
  • 0 replies
  • 0 Likes

Qos statistics tab does not show class for multicast traffic

I have a customer case where they have enabled QoS for layer 2 interface. There is a Qos rule in place for classifying multicast traffic as class 3.multicast traffic from zone LAN is hitting the right QoS policy and from the session details, I have verified the QoS class as class 3 which is what suppose to be. However, When I check QoS statistic...

snimshad by L1 Bithead
  • 2305 Views
  • 1 replies
  • 0 Likes

Assigning a template to a specific vsys within a Template Stack?

Most of our FWs are multi-vsys. Our stacks basically consist of one template - the entire FW config. Now we are trying to create more global templates that we can apply to multiple Template Stacks. But when creating a new template configs, the config sections only gives you the option of assigning it to "Location: None" or "Location: vsys1" ...

rolinger by L2 Linker
  • 4602 Views
  • 1 replies
  • 0 Likes

Resolved! Empty EDL PA220 PANOS 10.0

HelloIm doing some tests on PA-220 test unit.Some story - im using windows 10 with installed debian on WSL.I've installed apache2 and doing some IP pulls from internet and then hosting it on:192.168.7.131/steamip2.htmlI can access this from my internet browser and i see list of IPs.After adding edl to palo alto it sais that source is avaible but...

wjt82918 by L1 Bithead
  • 14572 Views
  • 7 replies
  • 0 Likes

Resolved! New Install Checklist

Hello -Has anyone seen or created, that they'd like to share, just a general checklist of information to collect and steps to do a new install?

Resolved! Problem URL-Filter onedrive urls

Hello everybody, I use url-list from urlhaus. If I test some entries, I got a problem with onedrive-urls like this: onedrive.live.com/download?cid=a75074ec168603e4&resid=a75074ec168603e4%21108&authkey=apnjueurszwr7fiThis url should be blocked by urlfilter on the firewall. But it was not blocked. I can download the file. Also I can not se...

IKEv2 keepalive tuning

IKEv2 on PA has built in keepalive mechanism, but it can only act if the communication is lost for more than 5 minutes: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClgcCACAfter testing it out, about 7-8 minutes passed until Palo Alto detected lost peer and did reset of the tunnel.That's happening due to built in alg...

nikoo by L3 Networker
  • 6815 Views
  • 1 replies
  • 0 Likes

Configd Crashing every 50-60 Minutes; Panorama M-500, PAN-OS 8.1.15

Morning All-I wanted to go ahead and try dropping a post here in hopes that someone else has experienced either an identical or very similar issue. There is a lot info that could be provided but I'll start with the basics: -Configured in HA pair with another M-500.-Both Panorama appliances also configured as log collectors.-Both appliances are ...

Screen Shot 2020-08-04 at 11.21.49 AM.png

Resolved! What happens to active sessions in Dual ISP Scenario

We have 2 ISP's, primary is down right now. Both ISP's connect to different interfaces. When Primary comes up, the interface will be different for outgoing/incoming traffic. Will the active rdp/web sessions/GlobalProtect/IPSEC tunnels drop when primary link becomes active again. Or will it be seamless.

raji_toor by L4 Transporter
  • 3721 Views
  • 2 replies
  • 0 Likes

DataPlane Restarted unexpectedly

As we have seen that in system log the dataplane is Restarted. When i run this command show system resource follow i can see that cpu utilization goes 100%. Please suggest as i run 8.1.7 PAN-OS version.

Joshan_Lakhani_1-1596621967579.png

DHCP client identifier 61 return VLAN id

I am using my pa-850 as a DHCP server on a small office LAN. I need to assign a VLAN to the phones and another VLAN to the computers. The phones are sending Option 61 Client identifier as part of DHCP Discover. How do I configure DHCP custom options to use the Option 61 value and return a specified VLAN ID?

Video problems

hi, im having problem with videoconference LIFESIZE, the calls work but we cannot see the video. We have a rule any any permit and we dont know whats happening. I read about disable statefull packet inspection in our firewall. how can i do this in PA??

Customer Support Portal 2FA Disable

In trying to improve the security of our access to CSP, I enabled 2FA at an account level. In testing, it was not as configurable as I wanted, so I disabled it for the account. In attempting to disable it for my own account (as required after enable/disable for the account), my profile change is not saved. I will get the "changes saved" messa...

cdwing by L1 Bithead
  • 3104 Views
  • 1 replies
  • 0 Likes

Resolved! How to clear global protect previous users

I configure global protect users in address about 1000 for future plan.but users is only about 200.when gp users connect, it cannot get old IP address. Get new IP address.How can I clear previous users and IP address.

zayyar by L0 Member
  • 6868 Views
  • 2 replies
  • 0 Likes

Minemeld Gridmeld Cisco ISE integration

Hi, recently we configured Minemeld with Gridmeld to fetch SGT-IP bindings from Cisco ISE over RestAPI (PxGrid). Minemeld is pushing the SGT-IP Bindings correctly into the dynamic object groups. However, we noticed the IP to tag bindings are sometimes missing from the Palo Alto (checked with "show object registered-IP all") and 1 minute later ad...

  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks