This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4469 Views
  • 0 replies
  • 0 Likes

global resource counter appid_post_pkt_queued

Hello,someone know what means this counter increasing?appid_post_pkt_queued 4294967293 826432036 info appid resource The total trailing packets queued in AIE and this?dfa_sw 4415 849 info dfa pktproc The total number of dfa match using softwareaho_sw 4410 848 info aho ...

Marivi by L2 Linker
  • 4118 Views
  • 1 replies
  • 0 Likes

any solution to keep tracking user IP mapping?

One of my customer is requesting me to track user IP address when he move from his desk to meeting room, and vice versa.He carries his laptop, he use same ID account on AD, but his IP address will be changed when he moves around. I know he needs to generate EVENT LOG on AD to pick up the latest info by UIA, but I have no idea how to...Does he ne...

emr_1 by L6 Presenter
  • 8821 Views
  • 3 replies
  • 0 Likes

Resolved! What can I do with a Global proect subscription?

(posted this in the global protect forum, but this seems to get more traffic, and maybe more suggestions, so I moved it here) So I'm about due to retire my old 3050's and upgrade to 3250's - and this time I've convinced management to buy me the global protect subscription by pointing out that the changes in the way it operates after software ver...

darren_g by L4 Transporter
  • 5930 Views
  • 6 replies
  • 0 Likes

Refund request for VM-Series Next-Generation Firewall Bundle 2

I have used VM-Series Next-Generation Firewall Bundle 2 (sold by Palo Alto Networks Inc.) in AWS for learning purposes. But it charged me $1,887.32 that I can't afford. In the beginning, When I use these services, the web tells me these are free services for 1 year .and not tell me the VM-Series Next-Generation Firewall Bundle 2 has 15 days-tria...

ZiZiHo by L0 Member
  • 2548 Views
  • 2 replies
  • 0 Likes

Computers in remote clinic need to communicate with on prem server

We have just brought some remote clinics online. We have a point-to-point between our PA5520 at the main hospital and a PA820 at our remote site. We're routing between P2P with static routing at the moment. Data/Voice is working, as the VLANs are on the remote site switches themselves. However, we've been asked to get another VLAN working that i...

Downtown_remoteclincs.jpg
lsaintig by L0 Member
  • 2909 Views
  • 1 replies
  • 0 Likes

traffic segmenation affect app-id

Hi So I am working through a ssl decrypt issue with PA support. I am being told that because the stream is being segmented - so not coming as 1500mtu packets. the PA can't work out what the stream is. The implication is that app-id doesn't work properly unless you have full 1500mtu packets. I thnk my SE is agreeing - not 100% sure. I am a bit lo...

Hardware Problems in PA 3220

I had similar problems in 4 firewall pa 3220 in which I could not even enter maintenance mode to take it to the factory reset mode and I had to send them via RMA to the 4 firewalls for their change. Someone had a similar problem , to me a lot of attention that firewalls with very good MTBF have this type of problem if someone knows something...

Resolved! How can I allow an application on default and a non-standard port?

I have a Security rule that allows Oracle traffic between two subnets. The problem is that three Oracle servers use standard port 1521, and another Oracle Server uses a non-standard port 13062. I know that I need to allow the non-standard port in the rule, but that breaks traffic on the standard port. For now, I have explicitly added the stan...

kcampion by L1 Bithead
  • 6857 Views
  • 4 replies
  • 0 Likes

URL 9.0 URL Category Cache Build Time?

How long does it take for the URL categories to build in the 9.0 release? We have an issue with google-base app, where almost all google searches come back as the 'not-resolved' category for the first 5 minutes when we change datacenters. 8.1 you could just re-download the seed database, and we never had a problem. 9.0 there isn't such a...

Sec101 by L4 Transporter
  • 3427 Views
  • 2 replies
  • 0 Likes

Resolved! Shadow Rule Notice - Really Not a Shadow

I have a firewall (lab unit) with version 9.1 and I configured two Security Policy Rules.The top rule (1) is Trust to Untrust, a source user is a group, all default options, and an Action of Deny.The second rule (2) is Trust to Untrust, a source user is a group (different from above), all default options, and an Action of Allow. When I commit th...

Migrate pa vm to pa 820 facing issues

Hi to all,one of our customer migrated their complete infrastructure from PA VM to PA 820 physical device.post migration they are facing issues like, they have generated report and seeing PA 820 and PA VM as well. but here thing is, customer doesn't want see PA VM. He wanted to see only PA 820 physical device. and it showing, it misses some gap...

RameshD by L0 Member
  • 2680 Views
  • 3 replies
  • 0 Likes

setting counter thresholds with snmp monitoring

Any one have a good handling on where to set dos counter thresholds for alerting via SNMP? Also trying to figure out what are the best ~50 sensors to monitor for the firewall via SNMP. pan tcp drop packet, pan flow dos pf strict ip, and pan flow dos pf icmperr look potentially interesting in my particular environment.

Resolved! Destination NAT issue or routing change

Hi All, I have had a destination nat running for months without issue. NAT: Source VPN Interface to Inside Interface: Destination Address: 192.168.90.231 Destination Translation: 10.0.8.82 Rule: Source VPN to Inside : Source IP to 192.168.90.231 It has been working for months without issue. Suddenly last night, the traffic to 192.168.90.231 star...

a.jones by L3 Networker
  • 3291 Views
  • 2 replies
  • 0 Likes

Iphone MAC won't connect Global Protect

Hello All,We have Global Protect License for mobile we upgraded recently to 5.0.8 and i see my iphones will not connect.did any one face this issue ? Works fine with windows and desktops only with iphone i face the similar issue.Any help will be much appreciated.

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks