This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4117 Views
  • 0 replies
  • 0 Likes

Resolved! Static Route Path Monitoring Clarification

Hi, Let's say a scenario where I have a default route configured to go out interface 2 with a Metric of 10 Then I have another static route to go out interface 3 with metric of 5. On this route I setup path monitoring to ping an ip address that is accessible to both interface 2 and interface 3. Does the static route path monitoring ensure that i...

Resolved! NCAA 2020 App-ID

Is there any timeframe for when the new NCAA app-id's released for March Madness? I found the 2017 app-is signatures, and a link for the 2018 signatures but was not able to access the files.

Global Protect Sign Out function

Running PanOS 8.1.1 & GlobalProtect Agent 5.1.0 & connect method Pre-logon (Always On) When connected and authenticated to my VPN from an external network - all is good. I can restart with a connection to my internal WiFi and my VPN connection shows Internal (because I have Internal Host Detection configured). If I then open the GP app...

Whys is Passive peer still passing traffic?

When I go to Monitor > Session Browser I still see active connections on the pasive peer. I verified it is truly the passive firewall and the other is active and that its supposed to be in Active/Passive mode in the HA configuration. Running the show session all command reveals the same thing. All time stamps are current.

Resolved! Problem Deploying new content version to log collectors

Last weekend, I worked with a client to upgrade their Panorama (HA) from 8.1.6 to 9.0.6. Everything went smoothly. This weekend the plan was to upgrade the log collectors ( 2 M200s) When installing 9.0.6 on the log collectors it complained that the log collectors needed to have a more current version of content then they currently had. Unfor...

Resolved! Panorama Integration with PA HA

Hi, I am new to Palo Alto and want to do Palo Alto integration with our Panorama. need some guidelines for the same. and do we need to break HA for this process? Let me know if any other inputs.

BK0007 by L2 Linker
  • 4772 Views
  • 4 replies
  • 0 Likes

5200 upgrade from 8.1.5 to 9.0.6 and HA2 won't come up

Perform an upgrade from 8.1.5 directly to 9.0.6 yesterday on A/P pair of 5250. The HA2 link won't come up on 9.0.6 This is from TAC, Check the pan_dha.log in dp0-log and dp1-log for this error, I was able to see the following errors that explain as to why HA2 would not come up:pan_dha.log++++++++++++++Error: pan_dha_config_connection_load(pan_...

Floating mangement IP for firewall

Hi All,Can we setup floating management IP so that I can always login to active device ? We do have option by setting management profile for interface, but looking for an option if we can set it up via management interface . Thanks

deepak12 by L3 Networker
  • 4247 Views
  • 4 replies
  • 0 Likes

Using API to dynamically register and tag -- can IP address be a subnet or only individual address?

In one of our firewalls we have zone A which has network x.x.x.x/24, and zone B which has network y.y.y.y/24. There is a rule allowing traffic between them. Some high-ranking people at my company need to be able to block this traffic automatically at any time. I wrote a powershell script which is triggered by the incident management system when...

alterioc by L2 Linker
  • 3033 Views
  • 1 replies
  • 0 Likes

Resolved! Set up the HA ports to function as data ports

Hi,We have a shortage in Ethernet ports on a Paloalto firewallI would like to ask if it is possible to change a dedicated HA port to a data port (Layer3, Layer2...)? I know it is possible to change the type of a data port to an HA port.Thanks for your supportAli

aliomar by L0 Member
  • 3885 Views
  • 2 replies
  • 0 Likes

Resolved! How to limit youtube usage

We are using PA-3050 and would like to know how to limit Youtube usage to a certain Active Directory group (students) to 200mb per day. Please outline the steps.

PA-VM interzone routing

Hello,I've configured up two interfaces on my PA-VM (management 10.0.64.3 with VMnet0 - 10.0.64.0/24 and data with VMnet1 - 10.0.0.0/16). Management is directly connected to PC with Windows and Ethernet 1/1 to FastEthernet0/0 on my switch. I've configured trunk on FastEthernet 0/0 and i've problem with interzone routing. Any solutions?

1.PNG
2.PNG
3.PNG
4.PNG
Werpet by L1 Bithead
  • 5266 Views
  • 5 replies
  • 0 Likes

Virtual Wire - Two Subinterface with seperate Tag Paired

hi..I'm working on a virtual-wire solution where the firewall is connecting to single switch fabric, so the ingress and egress is between same firewall and switch. Is it possible to create a virtual wire pair with different sub-interface tags ? eg: If ingress to firewall from switch is on vlan 10 and egress from firewall to switch is on vlan 20,...

kan0062 by L1 Bithead
  • 3204 Views
  • 2 replies
  • 0 Likes
  • 24334 Posts
  • 124 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks