General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Resolved! HA Configuration Sync from PA-A to PA-B?

Hello everyone, Here is the scenario: PA-A has the full configuration and a Device Priority of 50. PA-B has no configuration and a Device Priority of 100. Both firewalls are configured in Active-Passive mode and belong to the same Group ID. Under High Availability → General → Setup, for the option “Enable Config Sync”, which firewall should ha...

Route & Path Selection

I have a Cisco backround & I am currently studying Virtual Routers & Static Routes in the PA 8.0 admin guide. I am trying to understand how Metrics are used in the firewall because it sounds like Administrative Distance does the same thing. Can someone tell me if my theory is right when it comes to Palo Alto forwarding packets to an in...

XFF IP Address Logging clarification and impact

I would like to view XFF IP Address in the Logs. I went through a few articles and have a few clarifications: https://docs.paloaltonetworks.com/network-security/security-policy/administration/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging https://docs.paloaltonetworks.com/network-securit...

ET_0-1778692034141.png
ET by L3 Networker
  • 517 Views
  • 2 replies
  • 0 Likes

Ruckus vsz Syslog and User-ID Agent

Hello community, this topic has been on my mind as well. I already searched the forums, but unfortunately I couldn’t quite make sense of it. Which setting do I need to configure on a VSZ 7.1.1.0.872 for the syslog server? Take a look at the image, please! Or rather: will I then see these entries in the syslog that ends up on the Palo Use...

2026-05-11_08-41-10.jpg

Design active passive connected with vrrp switches

Design active passive connected with vrrp switches for physical connection and AE i want to connect full mesh topology but want to confirm it's working like stack switches. PA1 > (2 links sw1,sw2) PA2 > (2 links sw1,sw2) so for aggregation to i can assign port to the AE. thanks.

Configuring XFF logging without a URL Filtering License

1. Create a Custom URL Category with * under ‘sites’ (Objects >> Custom Objects >> URL Category >> Add) 2. Create a URL Filtering Profile & set your Custom Category action to “alert” (Objects >> Security Profiles >> URL Filtering >> Add) Tick the box to log XFF on the ‘URL Filtering Settings’ tab… ...

1.png
2.png
3.png
4.png

Resolved! X-Forwarded-For (XFF) operation query

Hello, We are evaluating the implementation of X-Forwarded-For (XFF) functionality for logs. https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/use-xff-values-for-ip-based-security-policy-and-logging However, this functionality was activated and affected the traffic, denying traffic...

Alpalo by L4 Transporter
  • 2158 Views
  • 2 replies
  • 1 Likes

Regarding HA ports and PoE ports

Thank you for your continued support. Please allow me to confirm the following. ① The PA-400 and PA-500 series do not have HA ports. However, we are assuming that the regular ports will be used as HA ports. In that case, are two HA ports required? Currently, we are using 8 ports (1 port for HA), so we understand that a device with 9 or more ...

Resolved! PA-445 setup on Mac

Hey All, Completely new to firewall configurations, so i'm hoping to get some clarity. I was tasked to configure a PA-445, i'm trying to do a basic setup and can log into the GUI but the option to setup through the Standard method doesn't do anything after clicking the button. The ZTP setup works when i click on that button and can see the in...

GlobalProtect Release for Ubuntu 26.04 LTS ?

Hello together.recently was the new Ubuntu 26.04 LTS release, until now the provided GlobalProtect client supports only Ubuntu 24.04:https://docs.paloaltonetworks.com/compatibility-matrix/reference/globalprotect/where-can-i-install-the-globalprotect-app?otp=linux#linux When can we expect the new GlobalProtect version for Ubuntu 26.04 ? Best re...

Resolved! Customer support portal not open

Dear Team, I want to tell you whenever I login to customer service portal then its gives error . please tell how to resolve this error. Error: An unexpected error has occurred. Please contact support.

Palo Alto Networks Certified Security Professional

I’ve just begun my journey toward the Palo Alto Networks Certified Security Professional certification. As a native French speaker, I feel more comfortable studying in my first language, and I was wondering whether the training platform I’m currently using — Customer Hub - The Learning Center — is available in French. Studying in French would gr...

M.Djoko by L0 Member
  • 959 Views
  • 1 replies
  • 0 Likes

Resolved! Restriction for generative AI application

Hello Our company has purchased licenses for certain generative AI applications, such as ChatGPT and Gemini. We would like to enforce access only through company-provided licensed accounts and block access using personal accounts or unauthenticated sessions. Can this be achieved through the firewall? Thanks,

  • 24393 Posts
  • 123 Subscriptions
Top Solution Authors
Labels