This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4468 Views
  • 0 replies
  • 0 Likes

Resolved! Panorama suggested version

Hi Team, we have firewall running version 9.0.6,9.0.4 and 9.0.7, well in this case what could be the suggested version of panorama?i have heard , panorama should run with same or later version firewall OS, Is it talking about the major version like 7.x,8.x or 9.xor talking about minor release?

Resolved! All the traps agents are disconnected

Hi Community, All the agents in my traps setup on ver 4.2.5 shown as disconnected. As the issue looks like ESM server related, i have followed the document https://docs.paloaltonetworks.com/traps/4-2/traps-endpoint-security-manager-admin/troubleshooting/troubleshoot-esm-console-issues/why-do-all-endpoints-appear-as-disconnected-in-the-esm-consol...

Panorama M-500 disk upgrade & add process

Hello, I'm planning to upgrade storage capacity M-500.It's using 12 slots with 1TB disks, I'm going to insert 2TB disks to empty slots and replace 1TB to 2TB. As I know, after add new disks, panorama will redistribute existing logs.While that process, can I replace 1TB disk to 2TB? Thanks

yhlee1 by L2 Linker
  • 3601 Views
  • 2 replies
  • 0 Likes

Limitations for creating number of child sa for site to site vpn

Hi,Here I am trying to create a site to site vpn in Paloalto firewall, now in local network I have 8 individual /32 ips and for remote 10 individual /32 ips. This is for policy based vpn. Now if I add proxy ids for local and remote ips. I am getting around 80 proxy ids. Requirement is to only use ips not subnets. Now few connections are not work...

Source and Destination NAT using 2 different NAT rules

Hello everybody, We are trying to replace our Lan-to-Lan concentrator (currently a Cisco ASA) with a PAN-5220 version 8.1. On the Cisco ASA firewall, we are currently doing source and destination NAT for each incoming connection. We change the source IP address because our partners use many different private subnets that we can't route or that ...

CSavoy by L1 Bithead
  • 5663 Views
  • 1 replies
  • 0 Likes

Output detailed HIP logs to syslog

Does anybody know how to output the detailed HIP match logs to syslog?As it stands, we've got to go to Monitor > HIP Match > Magnifying Glass Icon to see them.We'd like to send this rich data set to Splunk or another tool to write reports against.

scresnshot.png
tmhorne by L1 Bithead
  • 7615 Views
  • 5 replies
  • 1 Likes

QOS - real time bandwidth monitoring

Hi All, I've created a generic QoS profile under Network >> QoS but when I view the graph it shows the bandwidth as being much less that I know it is. At the moment I'm streaming music which is around 2 Mbps but the graph never goes above 0.25 Mbps Have I missed something in the config?

ChrisDownes_0-1592593088294.png

Help - Certificate pre-login globalprotect VPN, with SAML tunnel adoption

Hi, We are working to create a global protect vpn connetion between our windows 10 devices and the PA FW ver. 8.0.1. The VPN tunnel needs to use a pre-login tunnel initially (authenticating via the machine cert) which when the user logs in re-authenticates the user using SAML (Azure via ADFS) and renames the existing VPN tunnel. We have an exis...

Resolved! PA running-config Synchronisation

I have migrated HA pair in Panoroma.Let's say I make some changes from Panoroma and push to only active device.Now with config sync enabled locally on the firewalls, will it sync the running config to passive device. Panoroma shows config out of synch on passive device that's fine as it's one way sync but on actual firewall will it be synchroni...

Resolved! Failed to check upgrade info due to generic communication error

Hi all since last night i get alot of erros from wildfire, antivirus updates, content updates...All sheduled updates and even manual checks from the gui bring up errors.No HA config.Problem is on a 3020 and a old 500.Ping and trace work to eu.wildfire.paloaltonetworks, wildfire.paloaltonetworks and updates.paloaltonetworksDNS seems to be ok.Syst...

kbe by L3 Networker
  • 37788 Views
  • 17 replies
  • 0 Likes

Resolved! Removal of unused PAN-OS software from KVM VM series

Hi, We are using vPA on KVM series and ran with v8.1.9h4 and upgraded to v9.0.8 recently (also, downloaded base image of 9.0.0)Can we remove all 8.1.X versions (8.1.0, 8.1.3, 8.1.9h4) from the devices which is installed in the beginning of deployment? hope it will not cause any issues. Regards,Karup

Karup by L1 Bithead
  • 2643 Views
  • 1 replies
  • 0 Likes

Downgraded from PAN 850 from 9.1.1 to 9.0.8.

2 months ago Upgraded the OS from 9.0.0 to 9.1.1 Now we have downgraded the OS from 9.1.1 to 9.0.8.. after successful of a downgrade. we can see the firewall has lots of errors in auto commits as we clear those errors and tried manual commit has a lot of error and fail to commit. Validation Error: import -> network -> interface 'sdwan' is...

Objects in use via CLI

Good afternoon, I'm looking for the CLI command(s) for how to determine the number of address objects, and address-group objects that are in use on a PA FWs. I know it's easily done from the GUI, but would like to add the command to a script, so I can pull the information from the CLI. Thank you.

  • 24379 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks