This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4116 Views
  • 0 replies
  • 0 Likes

Resolved! Two Directly Connected PANs via IPSEC- Do I Need to Build Tunnel Interfaces

We are having installed a 10 Gbps Light Wave service for a WAN connection and will have PANs on either side. (The PANs will be on the same /30 subnet, and the Wave service appears to be a raw fiber connection terminated on physical PAN L3 interfaces). We want to authenticate the other end and encrypt using IPSEC. Do I need to build a tunnel inte...

Resolved! NFR VM-Series Firewall

Hi, I am new in Palo Alto Networks and have few questions about NFR VM-Series Firewall. Hope you can help or guide me please. 1) How to get NFR VM series licenses?2) What are the options for NFR VM?3) How to license them? I do have partners login but currently doesn't have an access to support portal.

Ludolfo by L1 Bithead
  • 7142 Views
  • 3 replies
  • 0 Likes

Needed confirmation on firewall Port spanning or port mirroring

Dear Team, As per the customer requirement we want to perform Port spanning or port mirroring on the firewall interface so we need confirmation whether it is recommended from Palo Alto and if we perform this will there be any impact on the firewall as firewall is in production at data center or is there any alternate method for this. Request you...

Resolved! What ports are needed for site to site IPsec tunnels to work?

We have 2 palo alot firewalls & we are trying to establish a ipsec tunnel between both. We proved that all vpn configurations are correct and were able to establish the tunnel & pass traffic but only if we add a firewall rule saying allow any/any/any/any at the very top of the rule base, which goes against our security requirements. O...

Resolved! TSF file has entry of Core files but downloaded bundle says otherwise

Dear Patrons, I had an issue with PA where secondary active firewall stopped processing the traffic and unable to access the device from remote as well. We did a hard reboot to bring up the device and the connection restored successfully, but we wanted to investigate hence downloaded the Tech Support file and found HA2 went down, and also there...

Non business customer obtain PanOS downloads?

We use two PaloAlto PA-220 firewalls at my work place, and I have been so amazingly impressed by the GUI interface and all the reporting tools on PA devices (especially the Application Command Center ), I was considering piking up a 2nd hand PaloAlto PA-820 or PA-850 from eBay and using it at home with my existing Cisco SG-350X-24P Switch.Bas...

eveares by L1 Bithead
  • 4712 Views
  • 4 replies
  • 1 Likes

How to allow access to OWA to selected external users?

Hello everyone,I was hoping to get couple ideas on the problem that we currently have and cannot give a solution yet.About a year ago we were able to migrate our old firewalls infrastructure to PAN.We had 1 firewall facing internet(Sidewinder) - basically for Destination NAT functions, MS ISA server as proxy and main firewall (behind Sidewinder)...

Global Protect Gateway - Split-Tunnel Exluded Domains

Hello I am trying to exclude some domain from coming through the gateway to improve user experience so they are not hair-pinning through our DC's at the moment I have no access route entered so I am running 0.0.0.0/0 out of our DC's - there are are certain domains for Microsoft updates, teams and hosted business services when I add them to exclu...

Jake_Ryan by L1 Bithead
  • 13141 Views
  • 13 replies
  • 0 Likes

Resolved! Filename field is empty on threat log

Dear Patrons, There are two IPS in place with following configuration. Objects > Security Profiles > Antivirus (Reset- Both)Objects > Security Profiles > Anti-Spyware (no detail found)Objects > Security Profiles > Vulnerability Protection (Reset- Both)But we noticed that one IPS shows the filename in threat log (setup.exe) but ...

ICMP problem

I have very simple topology Huawei switch Eth-trunk----------------Aggregation Palo alto ------------P2P------- Router In Huawei switch created two vlan's vlan 10 , vlan 20interface vlan 10ip address 172.16.1.100interface vlan 20ip address 172.16.2.100ip static-route 0.0.0.0 0.0.0.0 172.16.1.100 In palo alto Aggregation with two sub-interface...

Cisco ATA Call Quality Problems Through New ASAs

Hello Community, My company has a Cisco VOIP phone system. We recently switched over to PAN220 to PAN220 firewalls w/ IPSEC VPN tunnel connectivity between our two locations. We are experiencing significant problems with a single Cisco ATA 191 SIP device:https://www.cisco.com/c/en/us/products/collateral/unified-communications/ata-190-series-anal...

Prisma Saas with Panorama

Hello , Can we intergrate Prisma SaaS into Panorama and All the centralised policy and Monitoring via Panorama ?? Any related document ? Same like other DLP Vendors . for eg Mcafee EPO integrates well with MVISION ( Sky High)

Resolved! GlobalProtect on mobile devices and geolocation

Hello All,Just want to start by stating I have not tried this yet so I am asking the community to see if anyone has. The question is, will maps/directions and geo location work correctly for a mobile device if the mobile device is on GlobalProtect. Typically when you connect to a VPN you get the 'location' of the nated IP, so I am looking to see...

  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks