This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Panorama upgrade failing 9.0.5 to 9.0.8

I am getting below message at around 70% OperationSoftware Install StatusCompleted ResultFailed DetailsFailed to install 9.0.8 with the following errors.SW version is 9.0.8Installing [content ] into partition "pancfg"Nothing to install into /mnt/swm/pancfg/...Installing [maint ] into partition "maint"Nothing to install into /mnt/swm/maint/...Ma...

raji_toor by L4 Transporter
  • 3359 Views
  • 2 replies
  • 0 Likes

Globalprotect, unable to connect

Hi, I am not a techy person but I have to install Globalprotect in order to work from home, the error I'm getting is: Connection failed: No network connectivity. Please verify your network connection and try again. I'm not sure what the problem is. Please HELP.

Juliette by L2 Linker
  • 37306 Views
  • 26 replies
  • 0 Likes

Resolved! RECOMMENDED NUMBER OF USERS

Good Morning ColleaguesI hope you are doing good . May i know the recommended number of simultaneous users for the below configuration:Firewall Throughput: 5 GbpsThreat Prevention Throughput: 3 GbpsIPSec VPN Throughput: 3 GbpsNew sessions per second: 50,000Maximum sessions: 1,000,000Thx in advanceBest Regards

Resolved! Shared Gateway cannot able to mange from Panoroma GUI

Hello Community,I have Panorama M-500 that managed cluster of PA-5000 with some Virtual System, I use one Device Group for one VSYS.Now I need to configure the Shared Gateway.It seems that I can manage the NAT Policy related to the Shared Group only into CLI of Panorama and not from Panorama GUICould you confirm me I cannot managed it via Panorama?

Unable to reboot Panorama

An old contractor setup our Panorama and I just tried to update the software. It says I do not have permission to reboot Panorama. I am a superuser. How do I give myself permission to reboot Panorama?

Resolved! Unsupported Cloud Type For Remediation

Given the Prisma Cloud SaaS, I am trying to create my 1st custom policy to detect and remediate overly permissive SecurityGroupIngress rules in AWS cloud.My RQL below is valid and returns a half-dozen or so results...event where cloud.type = 'aws' AND cloud.account.group = 'Test' AND operation IN ('AuthorizeSecurityGroupIngress') AND json.rule =...

TommyHunt by L3 Networker
  • 3872 Views
  • 1 replies
  • 0 Likes

Resolved! SLR Report - Get stats-dumb

Hello @all,I would like to get a stats-dumb file which will be later used to generate an SLR report.Since the timeframe (1 Week) via the PA GUI is not long enough for us, I use CLI with the following command to generate the file: tftp export stats-dump start-time equal 2018/12/01@10:00:00 end-time equal 2018/12/31@10:00:00 to 10.164.15.27 !info:...

PAN1.PNG
PAN2.PNG
husetech by L2 Linker
  • 10389 Views
  • 4 replies
  • 0 Likes

High CPU Usage causing dropped packets..can't find what is causing it

ACC isn't really telling me all that much except for a couple of end hosts with a fair amount of sessions so I blocked those but still doesn't seem to have helped whatsoever. I tried restarting the data plane as well to no avail. Can someone help me figure out what is going on here? Resource monitoring sampling data (per second): CPU load s...

drewdown by L4 Transporter
  • 5955 Views
  • 4 replies
  • 0 Likes

GlobalProtect dns dynamic updates

We deny DNS outbound except for domain controllers. I noticed a lot of denied DNS entries on the firewalls for users coming through globalprotect. Looking at the packet captures, the traffic is destined to the domain name's public name server ip address. The payload are "dynamic updates SOA <domain name>" This is a DNS split-brain envi...

MikeC by L3 Networker
  • 8122 Views
  • 7 replies
  • 0 Likes

Email Scheduler Not Working Consistantly

Hey Everyone, I am running into an issue where custom reports that I have built that are sent on a daily basis aren't being sent consistently. I have 3 different Email Server profiles being used in four different Email Schedulers sending two different custom reports due to the limitations of allowed addresses in Email Server profiles and only be...

Palo Also email.jpg
Palo Also email 2.jpg

Superuser cannot access Edge FW

Our PAs were recently setup by a now former contractor and all templates appear to be the same. However, while our new contractor is able to access all of the internal FWs, he is not able to access our edge FW. Any ideas?

DAG and Panorama

When looking at Dynamic Address Groups along with Panorama, it almost looks like this can't be done unless you are using NSX. I setup the VM Source on one of my firewalls and I can do a DAG, but it doesn't transfer back to Panorama inorder to use it in a policy. If you are managing Policies and Address groups from Panorama this becomes almost ...

gzygadlo by L1 Bithead
  • 3289 Views
  • 1 replies
  • 0 Likes

Global protect app require admin credential to upgrade in transparent mode?

Global protect app require admin credential to upgrade in transparent mode?We want to upgrade agents from 4.0.2 to 5.0.8 in transparent mode. Can we upgrade from 4.0.2 to 5.0.8 directly ?Also user machine ask for admin credential when we install any kind of software. So we want to confirm before enabling transparent mode for agent upgrade.

Deepak_K by L3 Networker
  • 7172 Views
  • 3 replies
  • 0 Likes

Block Brute Force RDP attempts

I have a Palo Alto 820 up and running, and one of its roles is to publish an terminal server (on its default port3389, the Terminal Server have an 2 factor authentication mechanism.) I see lots of connections, and i would like to block this brute force attempts, so I configured a Vulnerability Protection Profile which blocks threats with host ty...

Sjoerd by L2 Linker
  • 15126 Views
  • 7 replies
  • 0 Likes
  • 24379 Posts
  • 123 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks