This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4110 Views
  • 0 replies
  • 0 Likes

Resolved! File Blocking profile

Currently we can only see the logs for the files being blocked.Can we set up the logs to allow us to see the successful transfer of a file? Does Alert/Continue Action of File Blocking Profile log entry in the Monitor > Logs > Traffic?

Passing original IP information for source NAT translated traffic

I don't know the feasibility of this on the PAN. I've seen this done by means of custom scripts on load balancers. But, I thought it might be better to ask here since there are always more than one person with the same issue. The current situation:I have a PAN firewall between the Internet and my HA-Proxy server.The source traffic arrives at the...

DelvinC by L2 Linker
  • 3713 Views
  • 1 replies
  • 0 Likes

Resolved! how to configure HA in PA VM-500 deployed in ESXi

How we can configure HA2 for PA-VM Active passive deployment in ESXi. Can we use ip-address from mgmt network to use it for HA2 on both firewall.eg. 1.1.1.1 - Active firewall mgmt ip 1.1.1.2 - Passive firewall mgmt ip 1.1.1.3 - HA2 ip addres for Active firewall 1.1.1.4 - HA2 ip address for Passive firewallor do we require to take...

Deepak_K by L3 Networker
  • 3193 Views
  • 1 replies
  • 0 Likes

Address monitor and remove from address group

Hi Community, Customer is performing session distribution using destination NAT. They have three server nodes so they put them together in one address group and called that group in destination NAT session distribution. it is working fine. But they want to remove one of those address if there is some problem with that server(like server is not r...

Bricking a firewall?

Ok, I am not surprised in life that an upgrade can go wrong. Happens on many different technologies. But I recently had my over $60k PA5220 firewall brick going from 17.x to 18.x. And that was after getting advice from PA support before doing the upgrade to try and avoid a problem. It amazes me that there is no reliable factory reset funct...

tyler by L1 Bithead
  • 2562 Views
  • 1 replies
  • 0 Likes

Not able to comunicate with paloalto eth 1/2 interface

Hi Guys I have come here with lot of hope , I am doing my masters project and for that purpose my topology .My goal here is to show how paloalto can block the threats with its inbuilt IDS IPS ,url filtering , block traffic etc but right now I am facing a issue setting up a network I configured ping managenment on the firewall also I configured t...

Aggregation of ethernet on PA-4050 with Cisco switch

Hi,I am trying to get an aggregation link up between a Cisco and PA-4050 switch (v3.1.2). I have two link in the group and have configured L3 sub interfaces to seperate VLANs. I am able to send traffic across these links but they are clearly not functioning as aggregated interfaces as i loose packets when failing one of the two links (more like ...

Palo Alto Zone Primer

Hi All! I've recently been creating video guides on Palo Alto Topics. This time I've started on zones.This includes why we use zones, how they help, and some advanced features that PA have (zone protection profile and packet buffer profile). If you're interested, or know someone who's learning, here's the video:https://youtu.be/dBKC6Q0dpdk Enjoy!

Luke_R by L2 Linker
  • 3353 Views
  • 1 replies
  • 1 Likes

PAN-OS 8.0.5 sending continuous delete and create for IPSec SA

PA is sending continuous delete create every 3 seconds. It can be seen from the PA logs that SPI 0xAFD67238/0xC436E70E created at time 2020-06-13 05:50:55.230 and PA became responder for established child SA. For some strange reason PA again triggers child sa creation at 2020-06-13 05:50:55.968 for SPI 0x965504AB/0xCA05A690 and delete older SPI...

DNS Resolution

Is there any way to segregate the traffic of DNS server through global protect. example:- I have allowed some traffic through the split tunnel and i configured internal DNS server.scenerio:-I connect through the global protect when i do nslookup from my system my all query will resolve by internal DNS server, However i want to segregate traffic...

Extract output node's feeds to custom platform.

How to export minemeld outputs to a custom platform.I am working on a threat handling platform and I would like to use the feeds coming from minemeld output nodes, extract few details and use those to monitor other feeds.For that I need to get the output feeds preferably in json format or any other format also will do.Could you please suggest me...

Resolved! USer-ID enable?

Hi team, Can someone expertise tell me that where we enable user-id?Is it on Panorama or on Gateway and help me to understand ow it's work?

AmitPA by L0 Member
  • 2467 Views
  • 1 replies
  • 0 Likes

Redis - Package Upgrade Issues

I've been trying to upgrade my Ubuntu instance for the past few months, but keep having to install all package updates manually as redis-server and redis-tools fail as it can't overwrite the minemeld redis config. After updating the packages, we are unable to login to minemeld as nginx throws a 502 error. Is anyone else having this issue? If so,...

Resolved! Guide to updating an HA Pair

While learning more about Palo Alto firewalls, I put together a guide on how to update a pair of firewalls in HA.Hope it's useful, and I hope you like it! https://youtu.be/tPkMxJXIW7s

Luke_R by L2 Linker
  • 3766 Views
  • 2 replies
  • 0 Likes

panorama disk-space

We see"Show system search-engine-quota" displays 480491MB of space, accounting for 66% of the document, and the detailed information(total size) displayed under search engine also does not reach 480491MB. Can you explain it? Thank youThe following is a screenshot of show system search engine quota.

search-engine.png
DISK-SPACE.png
Eccomtac by L0 Member
  • 2610 Views
  • 1 replies
  • 0 Likes
  • 24332 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks