This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Veeam file transfer issue

Hi,Can someone help me ? Does anyone here experience when you are transferring huge files. It suddenly drop the traffic and cuts the tcp sessions. Got this veeam error from my colleague.Error: The specified network name is no longer available. Failed to write data to the file [\\172.18.77.54\Primary Backup\NOES0003-EM-09062020 - NOES0003\NOES000...

Layer 2 Setup no network traffic no MAC addresses

My organization recently purchased a VM firewall. Originally there were a couple other people who were going to implement it but it's now fallen on my shoulders. I found this tutorial that was straight-forward enough for me to follow but after adding a couple VMs to the port groups I am not seeing any MAC addresses when running "show mac all"...

vCenter Server Appliance Web user interface HTTPS Security Rule

Hi All, Due to a number of system administrators working from home, I have been asked to allow vCenter Server Appliance Web user interface HTTPS port 5480 through the firewall for administration over VPN (Global Protect). Specifically port 5480. vCenter uses standard ports 80 and 443 and successfully navigates to the site. I have been unable to ...

ccarter by L1 Bithead
  • 14126 Views
  • 1 replies
  • 0 Likes

Downtime when chaging DNS IP

Hello - I need to change IP of the DNS server under Setup - Services on our Panorama, FWs and Global Protect devices. Would like to know what kind of downtime I can expect with the cutover to the new IPs especially on t he FWs and VPNs. - Jisha

JJoseph by L1 Bithead
  • 2787 Views
  • 1 replies
  • 0 Likes

Are You Ready for PAN-OS 10.0 and the ML-Powered Next-Generation Firewall?

In case anyone hasn't heard that the NEW version of PAN-OS 10.0 is going to be released soon, This will be a new ML-Based NGFW (Machine Learning) and there is going to be a huge launch event for it. Palo Alto Networks is beyond excited to announce the world's first ML-Powered Next-Generation Firewall. REGISTER NOW for the PAN-OS 10.0 launch ev...

jdelio by L7 Applicator
  • 11268 Views
  • 2 replies
  • 3 Likes

Resolved! Warning: Disabled applications in vsys1

Hi, For a while when committing we would see the message below because the applications were disabled. We have since enabled all of these applications, but are still seeing the same warning. Curious if anyone else has encountered this, and whether there is a fix for it? Warning:Disabled applications in vsys1: assembla-base assembla-uploading cel...

Resolved! 500 Internal Server Error - CAPTIVE PORTAL

Dears, PA220 with interfaces as per belowethernet1/4 19 1 Local-Network vr:RT-LAN 0 172.26.57.1/25ethernet1/5 20 1 Local-Network vr:RT-LAN 0 172.26.57.129/26ethernet1/7.105 269 1 Local-Network vr:RT-LAN 105 172.26.59.1/27ethernet1/7.106 270 1 Local-Network vr:RT-LAN 106 172.26.59.97/27Captive portal already configured and we double checked every...

ScreenShot640.jpg
ScreenShot642.jpg
ScreenShot644.jpg
ScreenShot646.jpg

Using MineMeld to build a list of IP addresses from a list of domains

Our current MineMeld instance is doing a great job of handling our Office 365 requests. Now I'd like to use it to solve a different problem, but I'm not sure how to go about it. We need to allow outbound app-specific traffic to *.somedomain.com. I tried a URL category but that's not working, probably because this traffic isn't HTTPS or HTTP. I...

efritz by L1 Bithead
  • 7576 Views
  • 4 replies
  • 0 Likes

PA 7.1.0 - IPSec SA goes into create delete loop after enabling tunnel monitor

Hi, I am facing a strange issue in IPSec connection with PA (7.1.0) and strongswan (5.6.2) where I see Paloalto starts sending CREATE_CHILD_SA rekey requests to strongswan when I enable tunnel monitor. Earlier we were using strongswan (5.3.5) and didn't have issue with tunnel monitor, but recently we upgraded strongswan to 5.6.2 and started see...

pa-logs.png

Resolved! Source NAT on a IPSec VPN tunnel due to overlapping IP space.

Folks, Our team has been tasked to work on a VPN tunnel from a customer premises to our corporate DC. The access would be unidirectional with the Customer accessing on-prem resources. The first challenge is that we have overlapping IP addresses at the customers end. Our team wants to use some NAT policies which will act like a 1:1 policy. i.e. w...

VPN tunnel.jpg
nson2139 by L3 Networker
  • 9684 Views
  • 1 replies
  • 0 Likes

Multiple ISP

Dear Team,I have a query. One of the customers wants to load balance their Internet traffic between multiple ISPs ( they have 5 actually). Can we do that ? I know we can do for dual ISP. But will this be feasible ?

PA3250 - L2 - L3 interface communication

Hi Team! I have simple topology ( pls see at the picture). I configured eth 1/1 ( for PC2) as L2 interface, but without Security Zone. I want to ping from PC2 - default Gateway (AE1.121) and PC1. Is it possible to set up Palo Alto like this? Pls, give me details, I can't find any use cases with the similar configuration. Thank you in advance.

PA_NX.JPG

Chromebook Global Protect failing

I have Setup Global Protect but my chromebook is failing to connect, I thought my config was dud but I have just tried to connect with my macbook and it works exactly as it should. I can't see why the chromebook wouldn't work, clearly the setup must be right. 3/17/2017, 5:06:44 PM: openDialog, type = 1 3/17/2017, 5:06:44 PM: pop up dialog after...

Resolved! Internet access

Hello all, we have installed proxy server to DMZ now I wants to allow internet access to LAN user . What would be my security policies for LAN user to access internet through proxy serverI have created two policies1. From trusted zone to DMZ Source as LAN user --------- Proxy server IP address as destination2. from DMZ to internet Source as ...

Source IP issue. *Urgent*

Hi team, I am facing the source IP mismatch region .This is the IP 41.139.156.142 which shows up from Kenya, i have confirmed from https://ping.eu & https://threatvault.paloaltonetworks.com/ but in firewall traffic log it show like this IP belongs to Germany.I have blocked this IP in policy but why it is happening ? Why firewall shows misma...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks