This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
About General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.

Discussions

Start a conversation

Discover LIVEcommunity Through Our New Animated Explainer Video!

We’re thrilled to unveil a brand-new animated video that highlights everything LIVEcommunity has to offer! This short and engaging video gives you a quick tour of the many resources available in our vibrant community — from interactive discussions and customer journey guides to the Cyber Elite program and Member Spotlight features. Whether ...

kiwi_0-1745308399217.png
kiwi by Community Team Member
  • 4125 Views
  • 0 replies
  • 0 Likes

Virtual Wire - Two Subinterface with seperate Tag Paired

hi..I'm working on a virtual-wire solution where the firewall is connecting to single switch fabric, so the ingress and egress is between same firewall and switch. Is it possible to create a virtual wire pair with different sub-interface tags ? eg: If ingress to firewall from switch is on vlan 10 and egress from firewall to switch is on vlan 20,...

kan0062 by L1 Bithead
  • 3205 Views
  • 2 replies
  • 0 Likes

Minemeld unable to login to web gui

I have seen a few related articles on here about this already, but I haven't been able to resolve my issue. I am receiving the following error when trying to login to the web gui: "ERROR CHECKING CREDENTIALS: Bad Gateway" I found that the minemeld.service will not start and found this error via journalctl -xe -- Subject: Unit minemeld.servic...

All site to site tunnels drop

We had an incident where we have site to site VPNs coming into the Palo. The connection dropped and they would not come backup, even after dropping the VPN on both devices. The end result was a reboot of the firewall and it came back up. What I saw in the logs is pasted below. Customer support just said "As we can see from the Ike manager lo...

Resolved! MineMeld Engine Stuck in Restart Loop

Hello, I face an issue where my MineMeld server keeps on restarting continuously. Initially, it showed an error about low disk space, which got fixed by purging logs, however, the engine keeps restarting. Below is the sample log which I keep seeing repeatedly in engine logs. Attached the complete file. Any help is appreciated. Thanks in advance....

Multiple websites are getting blocked

Users has been reported that multiple sites are getting blocked suddenly, We have the connectivity between minemeld and Panorama, where the Malicious URL's or IP's getting blocked. We need support in getting verified the MINEMELD configuration what caused the internet sites are getting blocked during issue.

url filtering with Alert category

Hi, I have configured the URLs to allow through the firewall with an alert category. The firewall is allowing the URL but user get the "warning: Potential Security Risk Ahead" page with Go Back (recommended) and Advanced option. Is there any technique to allow user directly go onto the URL page instead go to advanced and continue to the websit...

image006.jpg
ChiragP by L2 Linker
  • 10115 Views
  • 7 replies
  • 0 Likes

Export logs from PA7050 to Window Log Server

Hi Guys, Any possibility we can export daily logs from PA7050 to external windows log server through SCP or FTP? Been told there is a limitation for PA7050 to do so because the log database is too large for export or import. Any possible can do it by scripting? Thank you.

Natting to ip address which is not binded to any interface

Hello Everyone,I want to nat traffic going from dmz zone to wan zone. I want to nat ip (172.16.16.16&172.16.17.17-dmz zone) to use nat ip 200.0.0.1 which is not configured to any interface. I am unable to perform this. Please find below snap.1)Interface IP addresses.2)NAT rule3)Security Policy 4)Topology On R2 when i debug ip address i can s...

nitesharbale_0-1583322314964.png
nitesharbale_1-1583322411216.png
nitesharbale_2-1583322611401.png
nitesharbale_0-1583322960961.png

Resolved! Response page variables display as $(url.host) and $(x-exception-category)

Below is the response page. This is being served correctly when the webpage is blocked due to URL category filter.The variables for <url/> and <category/> don't seem to get replaced correctly.PanOS 8.1.10.Webpage text displays as "The requested URL host is: $(url.host) Which has been categorized as: $(x-exception-category)" <html...

Log traffic on Panorama is less than firewall device

Hi everyone,iam using the monitor > traffic on panorama and saw the period logs more smaller than the firewall device, in panorama we have log until 02/14/2020, while in firewall device the log starts on 01/31/2020, i used the command show system logdb-quota, but i cant saw the quota from panorama, is there a way to verify this diference? byb...

bmacedo by L0 Member
  • 2973 Views
  • 1 replies
  • 0 Likes

Resolved! SFP Compatibility for PA-820

Hi All, I would like to know please a compatible Brand of SFP ports 1Gbps MMF for Firewall Palo Alto PA-820, for this FIrewall the SFP model in Palo Alto is: PAN-SFP-SX . I have been told that the brand Finisar model: Ftlf8519p3bnl is compatible with that. I would like to make sure about that please since I am in Bolivia and it is really hard...

PBF rule with src zone 'any'

Does anyone if it is/should be possible to configure a PBF rule with src zone any?The inline help says "To choose source zones (default is any), click Add and select from the drop-down." but 'any' is not an option when I actually try to create the rule in Panorama and I'm forced to choose a zone to be able to save the rule.

pkaren by L1 Bithead
  • 2670 Views
  • 2 replies
  • 0 Likes

Measure CPS practically

Hi Guys,We have PAN VM 300. To implement Zone Protection, we want to measure CPS. Now we dont have Panorama and dont do firewall monitoring with any tool.Now the admin guide suggests that:Use third-party tools such as Wireshark or NetFlow to collect and analyze network traffic.Use scripts to automate CPS information collection and continuous mon...

Resolved! Is PAN-OS 9.0 recommended version for PA-3020 device?

Hi, Is PAN-OS 9.0 recommended version for PA-3020 device? I can see the OS 9.0 is supported to PA-3020 but not sure whether is recommended version for PA-3020? Also, I have gone through the known issues about OS 9.0 and looks like no major impact that could affect on to the network. However, I would like to stick with a recommended version so pl...

ChiragP by L2 Linker
  • 5642 Views
  • 3 replies
  • 0 Likes
  • 24336 Posts
  • 124 Subscriptions
Top Liked Authors
View All
Labels
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks